Product
OpenClaw Exec Approval Truncation Vulnerability
2 TTPsA high-severity vulnerability in OpenClaw's exec approval feature (versions prior to 2026.5.18) allows an authenticated attacker to bypass approval integrity by crafting a long command that appears benign in the truncated UI but contains a malicious suffix, leading to unauthorized command execution.
OpenClaw Vulnerability Allows Loading of Unscanned Payloads via Malicious Metadata
3 TTPs 1 CVEA high-severity vulnerability, CVE-2026-53810, in OpenClaw's marketplace runtime extension metadata allows an attacker to craft a malicious package that, when installed by a trusted operator, redirects runtime loading to hidden, unscanned code, potentially leading to unauthorized code execution and bypassing security checks.
OpenClaw Vulnerability Allows Local Forged Identity Headers
2 TTPsA vulnerability (GHSA-rggc-m335-3wvj) in OpenClaw's trusted-proxy deployments allows a local attacker on the same host to forge identity headers, bypassing intended security controls and potentially leading to unauthorized access or privilege escalation if the affected feature is enabled and reachable.
OpenClaw's POSIX Node system.run Safe-Bin Widened by Shell Expansion (GHSA-mhq8-78pj-5j79)
2 TTPsA vulnerability in OpenClaw's `system.run` safe-bin feature on POSIX nodes could allow a lower-privilege operator flow to read local files not intended by policy, as shell expansion can alter the interpretation of an approved command, causing a seemingly safe argument to expand into additional shell words and become a file operand, potentially exposing OpenClaw configuration data or other node-local information.
OpenClaw Node Forgery via Missing Provenance Check (CVE-2026-53816)
2 TTPs 1 CVEA vulnerability, CVE-2026-53816, in npm/openclaw versions prior to 2026.5.18, allows a malicious or compromised paired node to forge 'exec' lifecycle events and send them to the gateway, which, due to a missing provenance check, accepts the attacker-supplied event data as legitimate execution results, leading to unauthorized capability exposure for the compromised node.