CVE-2026-53810
OpenClaw · Multiple Products
A code execution vulnerability in OpenClaw allows marketplace runtime extension metadata to redirect loading toward unscanned package payloads.
Executive summary
A code execution flaw in OpenClaw allows attackers with trusted operator access to bypass security scans by redirecting extension metadata to malicious payloads.
Vulnerability
The vulnerability exists within the marketplace runtime, where metadata handling fails to properly validate extension sources. An attacker with trusted operator access can manipulate this metadata to force the loading of unverified or malicious plugin code.
Business impact
With a CVSS score of 8.8, this vulnerability poses a significant risk to the integrity of the software supply chain within the platform. Unauthorized code execution could lead to full system compromise, data theft, and the persistence of malicious extensions within the environment.
Remediation
Immediate Action: Update OpenClaw to version 2026.5.18 or later to remediate the metadata validation flaw.
Proactive Monitoring: Audit marketplace extension installations and review logs for any unexpected redirection or loading of non-standard package paths.
Compensating Controls: Restrict "trusted operator" access to the minimum number of users and implement rigorous code review processes for any custom extensions.
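The flaw class described above, a loader that lets a metadata field decide which artifact is executed, is easiest to reason about next to its hardened counterpart. The following is an added example written for this advisory, not OpenClaw's own code; the manifest layout, the `entry` field, the scan-record shape and the function names are all assumptions. The weak resolver follows whatever path the metadata names; the hardened one confines the resolved path to the package root and pins the artifact to the SHA-256 recorded when the package was scanned, so both a redirect to an unscanned file and an in-place swap after scanning are refused.

```python
"""Extension-loader resolution: weak (metadata-trusting) vs. hardened.

Added example for the advisory above; hypothetical loader, not OpenClaw code.
All file names and the scan-record format are constructed for the demo.
"""
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def resolve_payload_weak(package_root: Path, manifest: dict) -> Path:
    """The flaw class: the 'entry' metadata field is used as-is, so it can
    point the loader at a file the marketplace scanner never saw."""
    return package_root / manifest["entry"]


def resolve_payload_hardened(package_root: Path, manifest: dict,
                             scan_record: dict) -> Path:
    """Accept the entry only if it stays inside the package root and its
    bytes match the digest recorded by the scan (scan_record maps a
    package-relative POSIX path to a SHA-256 hex digest)."""
    root = package_root.resolve()
    candidate = (root / manifest["entry"]).resolve()  # also collapses symlinks
    try:
        rel = candidate.relative_to(root)
    except ValueError:
        raise ValueError(f"entry {manifest['entry']!r} escapes package root")
    expected = scan_record.get(rel.as_posix())
    if expected is None:
        raise ValueError(f"{rel.as_posix()} was not part of the scanned package")
    if sha256_file(candidate) != expected:
        raise ValueError(f"{rel.as_posix()} differs from the scanned artifact")
    return candidate


def demo() -> dict:
    """Build a constructed package tree and exercise both resolvers."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        pkg = tmp / "marketplace" / "example-ext"
        pkg.mkdir(parents=True)
        (pkg / "plugin.py").write_text("print('scanned extension')\n")
        # Constructed artifact outside the package that the scanner never saw.
        stray = tmp / "unscanned" / "payload.py"
        stray.parent.mkdir()
        stray.write_text("print('never scanned')\n")
        # What the marketplace scan recorded for this package.
        scan_record = {"plugin.py": sha256_file(pkg / "plugin.py")}

        results = {}
        good = {"name": "example-ext", "entry": "plugin.py"}
        results["good"] = resolve_payload_hardened(pkg, good, scan_record).name

        # Metadata steered at a file outside the scanned package.
        redirected = {"name": "example-ext", "entry": "../../unscanned/payload.py"}
        results["weak_follows_redirect"] = (
            resolve_payload_weak(pkg, redirected).resolve() == stray.resolve())
        try:
            resolve_payload_hardened(pkg, redirected, scan_record)
            results["hardened_blocks_redirect"] = False
        except ValueError:
            results["hardened_blocks_redirect"] = True

        # Same path as scanned, but the bytes were replaced after the scan.
        (pkg / "plugin.py").write_text("print('swapped after scan')\n")
        try:
            resolve_payload_hardened(pkg, good, scan_record)
            results["hardened_detects_swap"] = False
        except ValueError:
            results["hardened_detects_swap"] = True
        return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The digest pin is what makes the path check meaningful: confining the path alone still lets a file that was legitimately inside the package be replaced between scan time and load time, which is the kind of event the log review in the Proactive Monitoring item is meant to surface.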
Exploitation status
Public Exploit Available: false
Analyst recommendation
The ability for an attacker to bypass security scans and execute arbitrary code represents a critical failure in the plugin architecture. Administrators must apply the version 2026.5.18 update immediately to restore the integrity of the extension loading process.