A vulnerability, which was classified as problematic , was found in OpenClaw up to 2026.4.1 . Affected is an unknown function. Executing a manipulation can lead to observable timing discrepancy. This vulnerability is registered as CVE-2026-41407 . It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.