2 matches found
CVE-2026-22168
OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments throug...
CVE-2026-22168
OpenClaw vulnerability CVE-2026-22168 affects versions prior to 2026.2.21. It describes an approval-integrity mismatch in system.run that lets authenticated operators pass arbitrary trailing arguments after cmd.exe /c, leading to local command execution on trusted Windows nodes with mismatched au...