Vulnerability Description
OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/deny lists, owner-only restrictions, sandbox policies, and subagent policies.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | < 2026.4.20 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/commit/0e7a992d3f3155199c1acc2dd9a53c5b3a4dPatch
- https://github.com/openclaw/openclaw/security/advisories/GHSA-qrp5-gfw2-gxv4Third Party Advisory
- https://www.vulncheck.com/advisories/openclaw-tool-policy-bypass-via-bundled-mcpThird Party AdvisoryPatch
FAQ
What is CVE-2026-44998?
CVE-2026-44998 is a vulnerability with a CVSS score of 5.4 (MEDIUM). OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restri...
How severe is CVE-2026-44998?
CVE-2026-44998 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-44998?
Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.