CVE-2026-28363

CRITICAL

OpenClaw <2026.2.23 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-28363. PoCs published by kaleth4.

AI-analyzed exploit summary: The repository contains a functional exploit for CVE-2026-28363, targeting OpenClaw's validation bypass via GNU sort command abbreviations. The exploit leverages the incomplete disallowed-inputs list to achieve remote code execution (RCE).

Description

In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval. Only an exact string such as --compress-program was denied.

Exploits (1)

nomisec WORKING POC
by kaleth4 · poc
https://github.com/kaleth4/CVE-2026-28363

Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: OpenClaw < 2026.2.23
Auth required
Prerequisites: target URL · Bearer Token/API Key · reverse shell IP/port or custom command
devstral-2 · analyzed Apr 09, 2026

References (1)

Core 1

Scores

CVSS v3 9.9
EPSS 0.0005
EPSS Percentile 15.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-184
Status published
Products (2)
npm/openclaw 0 - 2026.2.23 (npm)
openclaw/openclaw < 2026.2.23
Published Feb 27, 2026
Tracked Since Feb 27, 2026