Description
OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling unauthorized command execution when the affected feature is enabled.
Published: 2026-06-11
Score: 7.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a shell option parsing flaw that permits attackers to combine POSIX shell flags to bypass exec revalidation checks, allowing execution of inline shell content without the intended allowlist validation. This flaw, identified as CWE-367, can lead to unauthorized command execution when the affected feature is enabled in the application.
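An illustrative model of this bug class, added here as an example and not OpenClaw's own code: a revalidation step that only recognises a standalone `-c` token misses the same flag inside a combined POSIX option cluster such as `-ec`, so the inline command text following it is never routed to the allowlist check. The hardened parser expands clusters the way a POSIX shell does, honours `--` and `-o NAME`, and stops at the first operand. All function names and argv samples are constructed.

```javascript
// Constructed model of the flaw class described in CVE-2026-53806.
// Not OpenClaw's code; it illustrates why combined flags defeat a naive check.

// Naive revalidation: only a standalone "-c" word is treated as inline content.
// "sh -ec 'cmd'" and "sh -xc 'cmd'" carry the same flag but pass unnoticed.
function naiveHasInlineCommand(argv) {
  return argv.includes('-c');
}

// Hardened parse of a POSIX shell invocation's argv (the words after "sh").
// - "-abc" is expanded to the flags a, b, c (a "+" cluster disables flags and
//   therefore can never enable -c);
// - "-o NAME" consumes the next word as the option name;
// - "--" ends option processing; the first non-option word is the first operand.
// Returns whether inline content is present and, if so, the command string.
function parseShellInvocation(argv) {
  const opts = new Set();
  let i = 0;
  while (i < argv.length) {
    const word = argv[i];
    if (word === '--') { i++; break; }                 // end of options
    if (word.length < 2 || (word[0] !== '-' && word[0] !== '+')) break; // operand
    const enabling = word[0] === '-';
    let consumesNext = false;
    for (const ch of word.slice(1)) {
      if (ch === 'o') { consumesNext = true; break; }  // -o NAME: argument follows
      if (enabling) opts.add(ch);
    }
    i += consumesNext ? 2 : 1;
  }
  const inline = opts.has('c');
  return {
    inline,
    command: inline && i < argv.length ? argv[i] : null, // text that must be allowlisted
    options: [...opts].sort(),
  };
}

// Decision a defender actually wants: does this invocation need the allowlist path?
function needsAllowlistCheck(argv) {
  return parseShellInvocation(argv).inline;
}
```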

Affected Systems

OpenClaw versions prior to 2026.5.12 are affected. The product runs on Node.js; the CPE vendor and product are both openclaw. Users should verify the installed version before taking action.

Risk and Exploitability

The CVSS score is 7.7, indicating a high severity. EPSS information is not available, but the flaw is not listed in CISA KEV, suggesting no known widespread exploitation yet. The attack vector likely requires access to the application’s shell option handling, so actively enabled features or exposed interfaces could provide a pathway for exploitation. Due to the high severity score, immediate attention is warranted.

Generated by OpenCVE AI on June 11, 2026 at 21:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.5.12 or later to apply the official fix for the shell option parsing bypass.
  • If upgrading immediately is not possible, disable or restrict usage of the affected feature that processes shell options.
  • Review application configuration to ensure shell option revalidation is enforced and that no unvalidated shell content can be processed.
Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:45:00 +0000

Type: Description
  Values Removed: (none)
  Values Added: OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling unauthorized command execution when the affected feature is enabled.

Type: Title
  Values Removed: (none)
  Values Added: OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation

Type: First Time appeared
  Values Removed: (none)
  Values Added: Openclaw; Openclaw openclaw

Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-367

Type: CPEs
  Values Removed: (none)
  Values Added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

Type: Vendors & Products
  Values Removed: (none)
  Values Added: Openclaw; Openclaw openclaw

Type: References
  Values Removed: (none)
  Values Added: (none)

Type: Metrics
  Values Removed: (none)
  Values Added:
    cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
    cvssV4_0: {'score': 7.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-11T20:05:21.614Z

Reserved: 2026-06-10T21:14:38.834Z

Link: CVE-2026-53806

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-11T21:16:22.443

Modified: 2026-06-11T21:16:22.443

Link: CVE-2026-53806

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T21:30:05Z

Weaknesses
  • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition