CVE-2026-28466

CRITICAL

OpenClaw <2026.2.14 - Command Injection

Title source: LLM

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-28466. PoCs published by Orioning.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2026-28466, targeting OpenClaw versions prior to 2026.2.14. The exploit leverages a WebSocket connection to authenticate and execute arbitrary system commands via the 'node.invoke' method.

Description

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway, which fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject approval control fields to execute arbitrary commands on connected node hosts, potentially compromising developer workstations and CI runners.

Exploits (1)

nomisec WORKING POC
by Orioning · poc
https://github.com/Orioning/CVE-2026-28466


Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: OpenClaw < 2026.2.14
Auth required
Prerequisites: WebSocket endpoint access · valid authentication token · target node ID
Analyzed by devstral-2 on Apr 09, 2026

Scores

CVSS v3 9.9
EPSS 0.0005
EPSS Percentile 16.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-863
Status published
Products (2)
npm/openclaw 0 - 2026.2.14 (npm)
openclaw/openclaw < 2026.2.14
Published Mar 05, 2026
Tracked Since Mar 06, 2026