CVE-2026-28466

CRITICAL

OpenClaw <2026.2.14 - Command Injection

Title source: llm

Description

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject approval control fields to execute arbitrary commands on connected node hosts, potentially compromising developer workstations and CI runners.

References (6)

[Patch] https://github.com/openclaw/openclaw/commit/0af76f5f0e93540efbdf054895216c398692afcd

View Patch ZIP pw:eip

[Patch] https://github.com/openclaw/openclaw/commit/318379cdb8d045da0009b0051bd0e712e5c65e2d

[Patch] https://github.com/openclaw/openclaw/commit/a7af646fdab124a7536998db6bd6ad567d2b06b0

[Patch] https://github.com/openclaw/openclaw/commit/c1594627421f95b6bc4ad7c606657dc75b5ad0ce

[Vendor Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-gv46-4xfq-jv58

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-node-invoke-approval-bypass

Scores

CVSS v3 9.9

EPSS 0.0009

EPSS Percentile 26.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-863

Status published

Affected Products (2)

npm/openclaw < 2026.2.14npm

openclaw/openclaw < 2026.2.14

Timeline

Published Mar 05, 2026

Tracked Since Mar 06, 2026