Command Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via cmd.exe on Windows nodes when exec allowlist or approval gating is enabled. An attacker can execute unauthorized commands by crafting input that leverages Windows...