Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
OpenClaw Allows Malicious Code to Run on Windows System
GHSA-5v6x-rfc3-7qfr
CVE-2026-22168
Summary
OpenClaw, a Windows-based system, has a security flaw that allows unauthorized code to run on the system when a trusted user approves a command. This can happen when a user is tricked into approving a harmless-sounding command that actually contains malicious code. To protect yourself, update OpenClaw to the latest version, which includes a fix for this issue.
What to do
- Update steipete openclaw to version 2026.2.21.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| steipete | openclaw | <= 2026.2.21 | 2026.2.21 |
Original title
OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c ...
Original description
OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments through cmd.exe /c to achieve local command execution on trusted Windows nodes with mismatched audit logs.
osv CVSS4.0
8.4
Vulnerability type
CWE-863
Incorrect Authorization
CWE-88
Published: 18 Mar 2026 · Updated: 18 Mar 2026 · First seen: 18 Mar 2026