Description
OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content.
Published: 2026-06-16
Score: 7.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw before version 2026.4.2 has an inline-eval bypass that allows authenticated operators to subvert strict allow‑list checks by using shell positional parameters. The flaw lets attackers combine allowed tools with positional arguments to embed inline‑eval content within shell carriers that fall outside the intended allow‑list, thereby executing shell code supplied by the attacker. The result is execution of arbitrary shell commands that are normally disallowed, potentially giving the attacker elevated privileges within the system.

Affected Systems

All installations of OpenClaw OpenClaw using any release prior to 2026.4.2 are susceptible. The vulnerability is fixed in version 2026.4.2 and later.

Risk and Exploitability

The CVSS score of 7.6 indicates a high severity impact for authenticated users. Because the flaw requires valid access to the application, the attack vector is limited to trusted users rather than external attackers, which is reflected in the EPSS score of less than 1%. The vulnerability is not included in the CISA KEV catalog, indicating no known public exploits at the time of assessment. The potential for exploiting this weakness hinges on the ability of an attacker to run arbitrary commands via the application’s shell interface, which could lead to further compromise or privilege escalation within the controlled environment.

Generated by OpenCVE AI on June 17, 2026 at 21:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw version 2026.4.2 or newer to remove the inline‑eval bypass flaw.
  • Re‑configure the application to disable or restrict use of inline‑eval and shell positional parameters where possible.
  • Implement stricter allow‑list controls for shell commands, ensuring only fully trusted commands and carriers are permitted.

Generated by OpenCVE AI on June 17, 2026 at 21:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 16 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Description OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content.
Title OpenClaw < 2026.4.2 - Shell Positional Parameters Bypass in Inline-Eval Checks
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-184
CWE-863
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

cvssV4_0

{'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-17T13:53:53.200Z

Reserved: 2026-06-10T21:21:12.125Z

Link: CVE-2026-53855

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-16T19:17:02.910

Modified: 2026-06-16T20:42:46.200

Link: CVE-2026-53855

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-16T20:15:16Z

Weaknesses
  • CWE-184

    Incomplete List of Disallowed Inputs

  • CWE-863

    Incorrect Authorization