CYBERHAWK / CVE / CVE-2026-44118

CVE-2026-44118

OpenClaw

HIGH CVSS 7.8 ai

The flaw

Authentication bypass in MCP loopback context derivation via spoofable bearer tokens.

What to do

Update to version 2026.4.22 or later

▸ Scan my repo for CVE-2026-44118

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-05-08 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits