Spoofing attack in OpenClaw - CVE-2026-26320

Published: May 4, 2026


Vulnerability identifier: #VU129457
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-26320
CWE-ID: CWE-451
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote attacker to misrepresent an executed agent message to the user.

The vulnerability exists due to user interface misrepresentation of critical information in the macOS deep link confirmation dialog when handling openclaw://agent deep links without an unattended key. A remote attacker can pad the message with whitespace so that malicious content falls outside the visible preview, misrepresenting to the user the agent message that will actually be executed.

User interaction is required to approve the confirmation dialog, and subsequent agent actions may lead to arbitrary command execution depending on the user's configured tool approvals or allowlists.
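As an added illustration of the defensive side (this is not OpenClaw's own code, and the advisory does not state the real dialog's preview width), the following builds a confirmation-dialog preview that collapses whitespace before rendering and flags a message whose raw first-N-characters preview would have hidden non-whitespace text. PREVIEW_CHARS, SUSPICIOUS_RUN and the result field names are assumptions.

```typescript
// Added example, not OpenClaw's own code. PREVIEW_CHARS is an assumed dialog width;
// the real dialog's limit is not stated in the advisory.
const PREVIEW_CHARS = 80;
// A run of whitespace this long inside a one-line agent message is treated as padding.
const SUSPICIOUS_RUN = 16;

interface PreviewResult {
  preview: string;           // normalized text that is safe to show in the dialog
  truncated: boolean;        // normalized message is longer than the preview
  hiddenContent: boolean;    // a raw first-maxChars preview would omit non-whitespace text
  whitespacePadded: boolean; // the omitted text sits behind a suspicious amount of whitespace
  totalChars: number;        // length of the normalized message
}

// Collapse every run of Unicode whitespace (space, tab, newline, NBSP, ...) to one space.
// Caveat: zero-width format characters such as U+200B are not matched by \s.
function normalizeWhitespace(msg: string): string {
  return msg.replace(/\s+/g, " ").trim();
}

function buildPreview(raw: string, maxChars: number = PREVIEW_CHARS): PreviewResult {
  const normalized = normalizeWhitespace(raw);
  // What a naive dialog shows: the first maxChars of the raw, unnormalized message.
  const naiveVisible = raw.slice(0, maxChars);
  const naiveHidden = raw.slice(maxChars);
  const hiddenContent = /\S/.test(naiveHidden);
  const visibleWhitespace = naiveVisible.length - naiveVisible.replace(/\s/g, "").length;
  const longRun = new RegExp(`\\s{${SUSPICIOUS_RUN},}`).test(raw);
  const whitespacePadded =
    hiddenContent && (longRun || visibleWhitespace > naiveVisible.length / 2);
  const truncated = normalized.length > maxChars;
  const preview = truncated ? normalized.slice(0, maxChars - 1) + "…" : normalized;
  return { preview, truncated, hiddenContent, whitespacePadded, totalChars: normalized.length };
}

// Text for the confirmation dialog: the normalized preview plus explicit notices,
// instead of silently dropping whatever does not fit in the visible area.
function dialogText(raw: string, maxChars: number = PREVIEW_CHARS): string {
  const r = buildPreview(raw, maxChars);
  const notes: string[] = [];
  if (r.truncated) notes.push(`${r.totalChars} characters in total, preview truncated`);
  if (r.whitespacePadded) notes.push("message contains whitespace padding that hides later text");
  return notes.length ? `${r.preview}\n[${notes.join("; ")}]` : r.preview;
}
```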


How to mitigate CVE-2026-26320

Install the security update from the vendor's website.

Sources