A vulnerability, which was classified as critical , has been found in OpenClaw up to 2026.5.11 . Affected by this vulnerability is an unknown functionality. The manipulation leads to improper neutralization of script in attributes in a web page. This vulnerability is listed as CVE-2026-53841 . The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.