CVE-2026-32907
OpenClaw is affected by CVE-2026-32907 in versions prior to 2026.2.19. A local command-injection flaw exists in Windows scheduled task script generation, allowing an attacker who can influence service script generation values to inject unescaped cmd metacharacters into gateway.cmd arguments and a...