Impact
OpenClaw versions prior to 2026.5.12 allow authenticated attackers to bypass the application's PowerShell execution restrictions by passing encoded-command arguments under abbreviated flag aliases that the allowlist parser does not recognize. As a result, an attacker can run arbitrary PowerShell code through the application, compromising the confidentiality, integrity, and availability of the affected system. The weakness is a flaw in the command-line parsing logic, classified as CWE-184 (Incomplete List of Disallowed Inputs), which permits bypass of a security control intended to limit the commands that can be run at runtime.
Affected Systems
The vulnerability affects OpenClaw installations running any release before 2026.5.12. Any deployment of the openclaw application built on Node.js and running a version older than 2026.5.12 is susceptible. The relevant vendor product is OpenClaw:OpenClaw, and affected environments include all systems that run OpenClaw's default PowerShell support.
Risk and Exploitability
The CVSS score of 8.7 indicates high severity. The lack of an EPSS score or KEV listing suggests no publicly known exploitation yet, but the attack requires only authenticated access. A remote authenticated operator can submit an encoded command under an alias form the allowlist does not recognize and thereby execute arbitrary PowerShell content. The absence of a public exploit does not reduce the risk, since the attack path is straightforward for anyone holding credentials to the OpenClaw deployment.
OpenCVE Enrichment