A vulnerability marked as critical has been reported in OpenClaw up to 2026.4.22 . Affected by this issue is some unknown functionality of the file config.apply of the component Configuration Handler . This manipulation causes incomplete blacklist. This vulnerability is tracked as CVE-2026-45006 . The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.