CVE-2026-53836
Severity: HIGH
OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases
Title source: cnaDescription
OpenClaw before 2026.5.12 contains an allowlist bypass in its handling of PowerShell encoded commands. The allowlist parser recognizes only certain spellings of the encoded-command flag, whereas PowerShell itself accepts abbreviated aliases of -EncodedCommand (any sufficiently long prefix, such as -e or -enc, with / accepted in place of - and case ignored). A remote authenticated operator can therefore pass the encoded command under an alias form the parser does not recognize, bypass the execution allowlist check, and execute arbitrary PowerShell content. The root cause is an incomplete list of disallowed inputs (CWE-184): the check enumerates flag spellings instead of canonicalizing the switch and inspecting the decoded script.
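The following added example is not OpenClaw's code; it is an illustrative Python model of the bug class described above, written for this page. It contrasts a fixed-spelling allowlist check with one that canonicalizes PowerShell switches the way the console host does (shortest accepted prefix, - or / prefix, case-insensitive), decodes the UTF-16LE base64 payload, and applies the allowlist to the script text itself. The SWITCHES table is an assumption taken from PowerShell's CommandLineParameterParser and covers only a subset of switches; ALLOWED_COMMAND_RE and the rule that -File is never allowed are a hypothetical operator policy; the sample command lines are constructed.

```python
"""Why a fixed-spelling allowlist misses PowerShell's encoded-command switch.

powershell.exe and pwsh accept any prefix of a switch name that is at least as
long as a per-switch minimum ("-e" already means -EncodedCommand), accept "/"
as well as "-", and ignore case. An allowlist that only recognises the spellings
it expects is an incomplete list of disallowed inputs (CWE-184). Illustrative
model written for this page, not OpenClaw's code.
"""
import base64
import binascii
import re

# Ordered (canonical name, shortest accepted prefix). The console host tests
# switches in order and takes the first match, so "-e" is encodedcommand even
# though executionpolicy shares the first letter. Assumption: subset of the
# table in PowerShell's CommandLineParameterParser; verify against your version.
SWITCHES = [
    ("encodedcommand", "e"),
    ("executionpolicy", "ex"),
    ("noprofile", "nop"),
    ("noninteractive", "noni"),
    ("command", "c"),
    ("file", "f"),
]
VALUE_SWITCHES = {"encodedcommand", "executionpolicy", "command", "file"}

# Hypothetical operator policy: only these bare cmdlets may run.
ALLOWED_COMMAND_RE = re.compile(r"\s*Get-(Date|Process|Service)\s*", re.IGNORECASE)


def canonical_switch(token):
    """Map '-e', '/EnC', '-EncodedCommand' etc. to the canonical switch name,
    or None if the token is not a recognised switch."""
    if len(token) < 2 or token[0] not in "-/":
        return None
    key = token[1:].lower()
    for name, shortest in SWITCHES:
        if name.startswith(key) and len(key) >= len(shortest):
            return name
    return None


def encode_command(script):
    """Produce the base64 (UTF-16LE) payload that -EncodedCommand expects."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


def decode_encoded_command(payload):
    """Decode an -EncodedCommand payload strictly; None if it is malformed."""
    try:
        return base64.b64decode(payload, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None


def naive_has_encoded_command(argv):
    """The flawed check: two fixed spellings, everything else passes unseen."""
    return any(a.lower() in ("-encodedcommand", "-enc") for a in argv)


def is_allowed(argv):
    """Hardened check: canonicalise every switch, fail closed on anything
    unrecognised, and apply the allowlist to the script text itself, whether
    it came via -Command or base64-encoded under any alias of -EncodedCommand."""
    script = None
    i = 1  # argv[0] is the executable
    while i < len(argv):
        name = canonical_switch(argv[i])
        if name is None:
            return False  # unknown token: never guess, fail closed
        if name not in VALUE_SWITCHES:
            i += 1
            continue
        if i + 1 >= len(argv):
            return False  # value switch with no value
        if name == "encodedcommand":
            script = decode_encoded_command(argv[i + 1])
            if script is None:
                return False
            i += 2
        elif name == "command":
            script = " ".join(argv[i + 1:])  # -Command consumes the rest of the line
            break
        elif name == "file":
            return False  # policy assumption: script files are never allowed
        else:
            i += 2  # -ExecutionPolicy <value>: accepted, no effect on the decision
    return script is not None and ALLOWED_COMMAND_RE.fullmatch(script) is not None


if __name__ == "__main__":
    payload = encode_command("Invoke-Expression (Get-Content C:\\x.txt)")
    for argv in (["powershell.exe", "-EncodedCommand", payload],
                 ["powershell.exe", "-e", payload],
                 ["powershell.exe", "/EnCoDeD", payload]):
        print(argv[1], "naive:", naive_has_encoded_command(argv),
              "hardened:", is_allowed(argv))
```

The design point is that the allowlist never needs to know how many spellings of the switch exist: every token is reduced to a canonical switch name, anything unrecognised is rejected, and the decision is made on the decoded script rather than on the flag that carried it. The prefix table still has to match the PowerShell build the host actually runs, which is why the canonicaliser fails closed instead of defaulting to "not an encoded command".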
References (2)
Vendor Advisory: GitHub Security Advisory GHSA-j472-gf56-x589
https://github.com/openclaw/openclaw/security/advisories/GHSA-j472-gf56-x589
Third Party Advisory: VulnCheck Advisory, "OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases"
https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-powershell-encoded-command-aliases
Scores
CVSS v3: 8.8 (HIGH)
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
EPSS: 0.0046 (percentile 36.4%)
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-184 (Incomplete List of Disallowed Inputs)
Status: published
Products (2)
OpenClaw/OpenClaw < 2026.5.12 (affected)
OpenClaw/OpenClaw 2026.5.12 (fixed)
Published: Jun 12, 2026
Tracked Since: Jun 13, 2026