CVE-2026-28460

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run that allows attackers to execute non-allowlisted commands by splitting command substitution using shell line-continuation characters. Attackers can bypass security analysis by injecting $\\ followed by a newline and opening parenthesis inside double quotes, causing the shell to fold the line continuation into executable command substitution that circumvents approval boundaries.

Configurations

Configuration 1

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

History

25 Mar 2026, 15:16

Type      Values Removed    Values Added
CVSS      v2 : unknown      v2 : unknown
          v3 : 5.9          v3 : 7.1
Summary   (none)            (es) OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run that allows attackers to execute commands not included in the allowlist by splitting command substitution using shell line-continuation characters. Attackers can evade security analysis by injecting $\\ followed by a line break and an opening parenthesis inside double quotes, causing the shell to fold the line continuation into an executable command substitution that evades approval boundaries.

19 Mar 2026, 19:18

Type          Values Removed    Values Added
First Time    (none)            Openclaw openclaw
                                Openclaw
CPE           (none)            cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
References
  Removed:    https://github.com/openclaw/openclaw/commit/3f0b9dbb36c86e308267924c0d3d4a4e1fc4d1e9 (untagged)
  Added:      https://github.com/openclaw/openclaw/commit/3f0b9dbb36c86e308267924c0d3d4a4e1fc4d1e9 - Patch
References
  Removed:    https://github.com/openclaw/openclaw/security/advisories/GHSA-9868-vxmx-w862 (untagged)
  Added:      https://github.com/openclaw/openclaw/security/advisories/GHSA-9868-vxmx-w862 - Mitigation, Vendor Advisory
References
  Removed:    https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-shell-line-continuation-command-substitution-in-system-run (untagged)
  Added:      https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-shell-line-continuation-command-substitution-in-system-run - Third Party Advisory

19 Mar 2026, 02:16

Type      Values Removed    Values Added
New CVE   (none)            (none)

Information

Published : 2026-03-19 02:16

Updated : 2026-03-25 15:16


NVD link : CVE-2026-28460

Mitre link : CVE-2026-28460

CVE.ORG link : CVE-2026-28460

Products Affected

openclaw

  • openclaw
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')