Impact
OpenClaw versions before 2026.5.18 allow an attacker to modify shell wrapper command arguments after they have been approved against an allowlist, so that command shapes which were never authorized are executed. The flaw, classified as CWE-367 (time-of-check/time-of-use race condition) and CWE-77 (command injection), can lead to the injection of malicious commands, compromising the confidentiality, integrity, or availability of the system. The vulnerability appears to be limited to components that rely on the shell wrapper, but its impact can extend across the entire application if the wrapper sits on critical operational paths.
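The following is an added illustration of the check-then-use gap described above (CWE-367 leading to CWE-77), not OpenClaw's code and not a description of its internals. The allowlist, the post-approval hook mechanism, the `cwd_hook` and the path it inserts are all constructed. It contrasts a wrapper that approves a mutable argument list and later executes whatever that list has become with one that approves an immutable snapshot and executes exactly that snapshot; the spawn step is stubbed so the example runs offline.

```python
"""Constructed illustration of a TOCTOU gap in an allowlisted shell wrapper (not OpenClaw code)."""
import shlex
from typing import Callable, List, Sequence

# Constructed allowlist: each entry is an approved command "shape", i.e. the
# executable plus its fixed leading arguments. Anything after the shape must be
# a plain operand: no option flags and no shell metacharacters.
ALLOWED_SHAPES = (("git", "status"), ("ls", "-l"))
SHELL_META = set(";&|`$<>(){}\n")


def approve(argv: Sequence[str]) -> bool:
    """Allowlist check: argv must begin with an approved shape and carry only plain operands after it."""
    for shape in ALLOWED_SHAPES:
        if tuple(argv[: len(shape)]) == shape:
            tail = argv[len(shape):]
            return all(not a.startswith("-") and not (set(a) & SHELL_META) for a in tail)
    return False


def execute(argv: Sequence[str]) -> str:
    """Stand-in for the real spawn step: returns the exact argv that would be run (no shell involved)."""
    return shlex.join(argv)


# A hook runs between approval and execution (think: plugin, logger, cwd adjuster).
Hook = Callable[[List[str]], None]


def vulnerable_wrapper(argv: List[str], post_approval_hooks: Sequence[Hook] = ()) -> str:
    """Check-then-use bug: approves the live list, then executes the same list after hooks have touched it."""
    if not approve(argv):
        raise PermissionError(f"rejected: {shlex.join(argv)}")
    for hook in post_approval_hooks:
        hook(argv)  # anything running here can reshape the already-approved argv
    return execute(argv)  # executes whatever argv is *now*, not what was approved


def hardened_wrapper(argv: Sequence[str], post_approval_hooks: Sequence[Hook] = ()) -> str:
    """Approve an immutable snapshot and execute exactly that snapshot; hooks only ever see a copy."""
    frozen = tuple(argv)  # the approved value and the executed value are the same immutable object
    if not approve(frozen):
        raise PermissionError(f"rejected: {shlex.join(frozen)}")
    for hook in post_approval_hooks:
        hook(list(frozen))  # a throwaway copy: mutations cannot reach the spawn step
    return execute(frozen)


def cwd_hook(argv: List[str]) -> None:
    """Constructed hook meant as a convenience feature: inserts a working-directory option for git."""
    argv[1:1] = ["-C", "/tmp/constructed"]  # yields `git -C /tmp/constructed status`, a shape never approved


def run_demo() -> dict:
    """Return what each wrapper would actually run for the same approved request."""
    request = ["git", "status"]
    return {
        "vulnerable": vulnerable_wrapper(list(request), [cwd_hook]),
        "hardened": hardened_wrapper(list(request), [cwd_hook]),
    }


if __name__ == "__main__":
    for name, cmd in run_demo().items():
        print(f"{name:10s} -> {cmd}")
```

The point of the hardened form is not the extra copy but the invariant it enforces: the object that was checked is the object that is executed, and nothing between the two steps can change it. When auditing a wrapper of this kind, look for the approved arguments being held in a mutable structure that is shared with, or reachable by, any code that runs before the spawn.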
Affected Systems
The affected product is OpenClaw by OpenClaw, specifically any deployment running a version earlier than 2026.5.18.
Risk and Exploitability
The CVSS score of 8.7 indicates high severity. The EPSS score is below 1%, indicating a very low estimated likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is any interface that forwards user input to the shell wrapper, exploiting the gap between approval and execution; this inference rests on the description's emphasis on modification between approval and execution.
OpenCVE Enrichment