SB2026033183 - Multiple vulnerabilities in OpenClaw
Published: March 31, 2026 Updated: May 1, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 vulnerabilities.
1) Reliance on IP Address for Authentication (CVE-ID: CVE-2026-3690)
CWE-ID: CWE-291 - Reliance on IP Address for Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to improper implementation of the the authentication function for canvas endpoints. A remote attacker can bypass authentication on the target system.
2) Command injection (CVE-ID: CVE-2026-31994)
CWE-ID: CWE-77 - Command injection
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to execute unintended commands.
The vulnerability exists due to improper neutralization of special elements in gateway.cmd script generation in src/daemon/schtasks.ts when generating Windows scheduled task scripts from user-controlled arguments or environment-derived values. A local user can supply specially crafted metacharacter or line-break-containing values to execute unintended commands.
The issue is limited to Windows deployments and requires control over values that feed service script generation.
3) OS Command Injection (CVE-ID: CVE-2026-22176)
CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote user to execute arbitrary commands.
The vulnerability exists due to command injection in gateway.cmd generation in src/daemon/schtasks.ts when processing config-provided environment variable values for Windows Scheduled Task installation. A remote user can supply specially crafted environment variable values containing shell metacharacters to execute arbitrary commands.
Exploitation requires the attacker to influence environment values before gateway install or reinstall on Windows.
4) OS Command Injection (CVE-ID: CVE-2026-31995)
CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to execute arbitrary commands.
The vulnerability exists due to command injection in the Windows Lobster shell fallback path when retrying certain spawn failures with shell execution enabled. A local user can supply crafted tool-provided arguments to execute arbitrary commands.
Exploitation requires Windows, fallback-triggering conditions for ENOENT or EINVAL spawn failures, and control over arguments through a local operator-defined workflow.
Remediation
Install update from vendor's website.
References
- https://www.zerodayinitiative.com/advisories/ZDI-26-228/
- https://github.com/openclaw/openclaw/security/advisories/GHSA-vvjh-f6p9-5vcf
- https://github.com/openclaw/openclaw/security/advisories/GHSA-mqr9-vqhq-3jxw
- https://github.com/openclaw/openclaw/commit/280c6b117b2f0e24f398e5219048cd4cc3b82396
- https://github.com/openclaw/openclaw/security/advisories/GHSA-pj5x-38rw-6fph
- https://github.com/openclaw/openclaw/commit/dafe52e8cf1a041d898cfb304a485fa05e5f58fb
- https://github.com/openclaw/openclaw/security/advisories/GHSA-fg3m-vhrr-8gj6
- https://github.com/openclaw/openclaw/commit/ba7be018da354ea9f803ed356d20464df0437916