Platform: nodejs
Component: openclaw
Fixed in: 2026.2.2
CVE-2026-28470 describes a critical command injection vulnerability discovered in OpenClaw. This flaw allows attackers to bypass the intended allowlist protection mechanism and execute arbitrary commands on the system. The vulnerability affects versions prior to 2026.2.2 and has been resolved in the updated release. Prompt patching is highly recommended to prevent potential compromise.
The impact of this vulnerability is severe. Successful exploitation allows an attacker to execute arbitrary commands with the privileges of the OpenClaw process. This could lead to complete system compromise, including data exfiltration, malware installation, and lateral movement within the network. The bypass of the allowlist suggests a design flaw in how OpenClaw handles user-supplied input, making it susceptible to injection attacks. This is analogous to vulnerabilities seen in other applications where command execution is controlled by allowlists without proper sanitization.
CVE-2026-28470 was publicly disclosed on March 5, 2026. The vulnerability's severity is rated as CRITICAL (CVSS 9.8). No public proof-of-concept exploits have been observed as of this writing, but the bypass nature of the vulnerability suggests a high likelihood of exploitation if left unpatched. It is not currently listed on CISA KEV.
Exploit Status
EPSS
0.09% (26th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to immediately upgrade OpenClaw to version 2026.2.2 or later. If upgrading is not immediately feasible, consider temporary workarounds such as restricting network access to the OpenClaw process and carefully reviewing any user-supplied input for suspicious characters. A direct WAF rule is unlikely to be effective given the complexity of the bypass, so strict input validation and sanitization within the OpenClaw application itself are crucial. Monitor system logs for unusual command execution patterns.
Update OpenClaw to version 2026.2.2 or higher to mitigate the vulnerability. This update fixes the issue by properly escaping command substitutions within double-quoted strings, preventing the execution of unauthorized commands.
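As an added illustration (not OpenClaw's code) of why an allowlist that inspects only the command name is insufficient, and of what the escaping fix described above has to accomplish: a quote-aware scan for command substitution that a POSIX shell would still expand, beside a double-quote escaper. The allowlist, the sample command lines and all function names are constructed for this example.

```javascript
// Added example, not OpenClaw's code. A shell (e.g. child_process with
// shell: true) expands $(...) and `...` inside double quotes but NOT
// inside single quotes, so an allowlist that only inspects the command
// name can be bypassed by a substitution hidden in a quoted argument.

const ALLOWLIST = new Set(['ls', 'git', 'echo']); // constructed sample allowlist

// Weak check: validates only the first word of the command line.
function weakAllowlistCheck(cmdline) {
  const first = cmdline.trim().split(/\s+/)[0];
  return ALLOWLIST.has(first);
}

// Walk the command line tracking POSIX shell quote state and return the
// offset of the first command substitution the shell would still run,
// or -1 if there is none.
function findCommandSubstitution(cmdline) {
  let inSingle = false;
  let inDouble = false;
  for (let i = 0; i < cmdline.length; i++) {
    const c = cmdline[i];
    if (inSingle) {                        // everything is literal until the closing '
      if (c === "'") inSingle = false;
      continue;
    }
    if (c === '\\') { i++; continue; }     // backslash: the next character is literal
    if (c === "'" && !inDouble) { inSingle = true; continue; }
    if (c === '"') { inDouble = !inDouble; continue; }
    if (c === '`') return i;               // live both unquoted and in double quotes
    if (c === '$' && cmdline[i + 1] === '(') return i;
  }
  return -1;
}

// Hardened check: allowlisted command name AND no live substitution.
function hardenedAllowlistCheck(cmdline) {
  return weakAllowlistCheck(cmdline) && findCommandSubstitution(cmdline) === -1;
}

// The approach the fix is described as taking: when an argument must be
// placed inside double quotes, escape the characters that stay special
// there (\ " $ `) so the shell treats the argument literally.
function quoteForShell(arg) {
  return '"' + arg.replace(/[\\"$`]/g, '\\$&') + '"';
}
```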
CVE-2026-28470 is a critical vulnerability in OpenClaw allowing attackers to bypass the allowlist and execute arbitrary commands.
You are affected if you are running OpenClaw versions 0.0.0–2026.2.2. Check your version and upgrade immediately.
Upgrade OpenClaw to version 2026.2.2 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting network access.
While no public exploits are currently known, the bypass nature of the vulnerability suggests a high risk of exploitation if unpatched.
Refer to the OpenClaw project's official website or security mailing list for the latest advisory and updates.