{"id":"CVE-2026-41679","summary":"Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass","details":"Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in `authenticated` mode with default configuration. No user interaction, no credentials, just the target's address. The chain consists of six API calls. The attack is fully automated, requires no user interaction, and works against the default deployment configuration. Version 2026.416.0 patches the issue.","aliases":["GHSA-68qg-g8mg-6pr7"],"modified":"2026-07-15T01:48:58.933029539Z","published":"2026-04-23T00:53:16.391Z","database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-1188","CWE-287","CWE-862"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41679.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41679.json"},{"type":"ADVISORY","url":"https://github.com/paperclipai/paperclip/security/advisories/GHSA-68qg-g8mg-6pr7"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41679"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/paperclipai/paperclip","events":[{"introduced":"0"},{"fixed":"4477ca2a7e5b82ebd40a74e62b35bab2bcda6422"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"2026.410.0"},{"fixed":"2026.416.0"}],"source":["AFFECTED_FIELD","CPE_RANGE"],"cpe":["cpe:2.3:a:paperclip:paperclipai:*:*:*:*:*:node.js:*:*","cpe:2.3:a:paperclip:paperclipai\\/server:*:*:*:*:*:node.js:*:*"]}}],"versions":["canary/v2026.320.0-canary.6","canary/v2026.409.0-canary.4","canary/v2026.409.0-canary.3","canary/v2026.409.0-canary.2","canary/v2026.409.0-canary.1","canary/v2026.409.0-canary.0","canary/v2026.408.0-canary.5","canary/v2026.408.0-canary.4","canary/v2026.408.0-canary.3","canary/v2026.408.0-canary.2","canary/v2026.408.0-canary.1","canary/v2026.408.0-canary.0","canary/v2026.407.0-canary.12","canary/v2026.407.0-canary.11","canary/v2026.407.0-canary.10","canary/v2026.407.0-canary.9","canary/v2026.407.0-canary.8","canary/v2026.407.0-canary.7","canary/v2026.407.0-canary.6","canary/v2026.407.0-canary.5","canary/v2026.407.0-canary.3","canary/v2026.407.0-canary.2","canary/v2026.407.0-canary.1","canary/v2026.407.0-canary.0","canary/v2026.406.0-canary.7","canary/v2026.406.0-canary.6","canary/v2026.406.0-canary.5","canary/v2026.406.0-canary.4","canary/v2026.404.0-canary.4","canary/v2026.406.0-canary.3","canary/v2026.406.0-canary.2","canary/v2026.406.0-canary.1","canary/v2026.406.0-canary.0","canary/v2026.404.0-canary.3","canary/v2026.404.0-canary.2","canary/v2026.404.0-canary.1","v2026.403.0","canary/v2026.404.0-canary.0","canary/v2026.403.0-canary.10","canary/v2026.403.0-canary.9","canary/v2026.403.0-canary.8","canary/v2026.403.0-canary.7","canary/v2026.403.0-canary.6","canary/v2026.403.0-canary.5","canary/v2026.403.0-canary.4","canary/v2026.403.0-canary.3","canary/v2026.403.0-canary.2","canary/v2026.403.0-canary.1","canary/v2026.403.0-canary.0","canary/v2026.402.0-canary.7","canary/v2026.402.0-canary.6","canary/v2026.402.0-canary.5","canary/v2026.326.0-canary.7","canary/v2026.326.0-canary.6","canary/v2026.326.0-canary.5","canary/v2026.326.0-canary.4","canary/v2026.326.0-canary.3","canary/v2026.326.0-canary.2","canary/v2026.326.0-canary.1","canary/v2026.326.0-canary.0","v2026.325.0","canary/v2026.325.0-canary.1","canary/v2026.325.0-canary.0","canary/v2026.324.0-canary.12","canary/v2026.324.0-canary.11","canary/v2026.324.0-canary.10","canary/v2026.324.0-canary.9","canary/v2026.324.0-canary.8","canary/v2026.324.0-canary.7","canary/v2026.324.0-canary.6","canary/v2026.324.0-canary.4","canary/v2026.324.0-canary.5","canary/v2026.324.0-canary.3","canary/v2026.324.0-canary.2","canary/v2026.324.0-canary.1","canary/v2026.324.0-canary.0","canary/v2026.323.0-canary.5","canary/v2026.323.0-canary.4","canary/v2026.323.0-canary.3","canary/v2026.323.0-canary.2","canary/v2026.323.0-canary.1","canary/v2026.323.0-canary.0","canary/v2026.321.0-canary.4","canary/v2026.321.0-canary.3","canary/v2026.321.0-canary.2","canary/v2026.321.0-canary.1","canary/v2026.321.0-canary.0","canary/v2026.320.0-canary.7","canary/v2026.320.0-canary.5","canary/v2026.320.0-canary.4","canary/v2026.320.0-canary.0","canary/v2026.320.0-canary.3","canary/v2026.320.0-canary.2","canary/v2026.320.0-canary.1","canary/v2026.319.0-canary.3","canary/v2026.319.0-canary.2","canary/v2026.319.0-canary.1","canary/v2026.319.0-canary.0","canary/v2026.318.1-canary.1","canary/v2026.318.1-canary.0","v2026.318.0","canary/v2026.318.0-canary.2","canary/v2026.318.0-canary.1","canary/v2026.318.0-canary.0","canary/v2026.3.18-canary.0","canary/v2026.3.17-canary.3","paperclipai@0.2.7","@paperclipai/shared@0.2.7","@paperclipai/server@0.2.7","@paperclipai/db@0.2.7","@paperclipai/adapter-utils@0.2.7","@paperclipai/adapter-openclaw@0.2.7","@paperclipai/adapter-codex-local@0.2.7","@paperclipai/adapter-claude-local@0.2.7","paperclipai@0.2.6","@paperclipai/shared@0.2.6","@paperclipai/server@0.2.6","@paperclipai/db@0.2.6","@paperclipai/adapter-utils@0.2.6","@paperclipai/adapter-openclaw@0.2.6","@paperclipai/adapter-codex-local@0.2.6","@paperclipai/adapter-claude-local@0.2.6","paperclipai@0.2.5","@paperclipai/shared@0.2.5","@paperclipai/server@0.2.5","@paperclipai/db@0.2.5","@paperclipai/adapter-utils@0.2.5","@paperclipai/adapter-openclaw@0.2.5","@paperclipai/adapter-codex-local@0.2.5","@paperclipai/adapter-claude-local@0.2.5","paperclipai@0.2.4","@paperclipai/shared@0.2.4","@paperclipai/server@0.2.4","@paperclipai/db@0.2.4","@paperclipai/adapter-utils@0.2.4","@paperclipai/adapter-openclaw@0.2.4","@paperclipai/adapter-codex-local@0.2.4","@paperclipai/adapter-claude-local@0.2.4","paperclipai@0.2.3","@paperclipai/shared@0.2.3","@paperclipai/server@0.2.3","@paperclipai/db@0.2.3","@paperclipai/adapter-utils@0.2.3","@paperclipai/adapter-openclaw@0.2.3","@paperclipai/adapter-codex-local@0.2.3","@paperclipai/adapter-claude-local@0.2.3","paperclipai@0.2.2","@paperclipai/shared@0.2.2","@paperclipai/server@0.2.2","@paperclipai/db@0.2.2","@paperclipai/adapter-utils@0.2.2","@paperclipai/adapter-openclaw@0.2.2","@paperclipai/adapter-codex-local@0.2.2","@paperclipai/adapter-claude-local@0.2.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-41679.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}]}