Description
OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points, bypassing security scanning.
Published: 2026-06-11
Score: 7.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an attacker with trusted operator access to alter the marketplace runtime extension metadata so that unscanned plugin code can be loaded, leading to arbitrary code execution. The flaw is classified as CWE-829 (Inclusion of Functionality from Untrusted Control Sphere): malicious code is executed outside the intended application sandbox, potentially compromising the confidentiality, integrity, and availability of the affected system.

Affected Systems

OpenClaw software, all releases prior to version 2026.5.18. The vulnerability is present in all builds where marketplace runtime extensions are enabled and the application does not validate plugin metadata.

Risk and Exploitability

The CVSS score of 7.7 reflects a high-severity flaw. Exploitability requires the attacker to have privileged operator access; no external public-facing attack vector is reported. Because the exploitation bypasses security scanning, a compromised extension can execute any code, making the potential impact severe. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, so current evidence suggests exploitation is not yet widespread, but the high severity warrants immediate attention.

Generated by OpenCVE AI on June 11, 2026 at 21:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenClaw to version 2026.5.18 or later to apply the official fix.
  • Limit trusted operator privileges to the minimum required scope and audit role changes regularly.
  • Disable or remove any marketplace runtime extensions that have not been formally reviewed, and enforce a policy that only approved packages can be loaded.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:45:00 +0000

Type | Values Removed | Values Added
Description | | OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points, bypassing security scanning.
Title | | OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata
First Time appeared | | Openclaw; Openclaw openclaw
Weaknesses | | CWE-829
CPEs | | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | | Openclaw; Openclaw openclaw
References | |
Metrics | | cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 7.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-11T20:07:04.630Z

Reserved: 2026-06-10T21:14:38.834Z

Link: CVE-2026-53810

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-11T21:16:23.030

Modified: 2026-06-11T21:16:23.030

Link: CVE-2026-53810

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T22:00:08Z

Weaknesses
  • CWE-829: Inclusion of Functionality from Untrusted Control Sphere