A vulnerability marked as problematic has been reported in OpenClaw up to 2026.3.27 . Impacted is an unknown function of the file /usr/bin/script . The manipulation leads to reliance on untrusted inputs in a security decision. This vulnerability is referenced as CVE-2026-41390 . The attack can only be performed from a local environment. No exploit is available. It is suggested to upgrade the affected component.