CVE-2026-30741

CriticalPublic PoC

Published: 11 March 2026

Published

11 March 2026

Modified

17 March 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0043 62.8th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

A remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-Side prompt injection attack.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Requires timely remediation of the specific RCE flaw in OpenClaw Agent Platform v2026.2.6 to prevent exploitation.

SI-10 Information Input Validation good match

prevent

Enforces validation and sanitization of request inputs to block request-side prompt injection attacks leading to RCE.

SC-7 Boundary Protection good match

preventdetect

Monitors and controls communications at external boundaries to prevent and detect network-based exploitation of the unauthenticated RCE vulnerability.

Security SummaryAI

CVE-2026-30741 is a remote code execution (RCE) vulnerability in OpenClaw Agent Platform version 2026.2.6. Published on 2026-03-11, the flaw enables attackers to execute arbitrary code via a Request-Side prompt injection attack and is associated with CWE-94. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and high impacts on confidentiality, integrity, and availability.

Any remote, unauthenticated attacker can exploit this vulnerability over the network without user interaction. Successful exploitation allows arbitrary code execution on the affected OpenClaw Agent Platform instance, potentially leading to full system compromise.

Details on exploitation, including a proof-of-concept, are documented in the GitHub repository at https://github.com/Named1ess/CVE-2026-30741, the official OpenClaw repository at https://github.com/OpenClaw/OpenClaw, and a video at https://www.bilibili.com/video/BV1LoFazeEBM. Security practitioners should review these sources for any advisories, patches, or mitigation guidance.

Details

CWE(s): CWE-94

Affected Products

openclaw

≤ 2026.2.6

AI Security AnalysisAI

AI Category: Other AI Platforms
Risk Domain: LLM/Generative AI Risks
OWASP Top 10 for LLMs 2025: None mapped
MITRE ATLAS Techniques: None mapped
Classification Reason: Matched keywords: prompt injection

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE-2026-30741 enables remote unauthenticated RCE via exploitation of a network-accessible OpenClaw Agent Platform, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/Named1ess/CVE-2026-30741
Exploit · cve@mitre.org
https://github.com/OpenClaw/OpenClaw
Product · cve@mitre.org
https://www.bilibili.com/video/BV1LoFazeEBM
Exploit · cve@mitre.org