A vulnerability was found in OpenClaw up to 2026.3.30 and classified as problematic . The impacted element is an unknown function of the component validationHTTP Operator Endpoint . Such manipulation leads to cross-site request forgery. This vulnerability is referenced as CVE-2026-41347 . It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.