Vulnerability Description
OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $() or backticks inside double-quoted strings to execute unauthorized commands.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | < 2026.2.2 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/commit/d1ecb46076145deb188abcba8f0699709ea1Patch
- https://github.com/openclaw/openclaw/security/advisories/GHSA-3hcm-ggvf-rch5Vendor Advisory
- https://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-command-Third Party Advisory
FAQ
What is CVE-2026-28470?
CVE-2026-28470 is a vulnerability with a CVSS score of 9.8 (CRITICAL). OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syn...
How severe is CVE-2026-28470?
CVE-2026-28470 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-28470?
Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.