A vulnerability was found in OpenClaw up to 2026.4.7 and classified as critical . This impacts an unknown function of the component Websocket Connection Handler . Executing a manipulation can lead to session expiration. This vulnerability appears as CVE-2026-42421 . The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.