CVE-2026-53822

OpenClaw · Multiple Products

A command injection vulnerability in OpenClaw allows attackers to manipulate command arguments post-approval, enabling the execution of unauthorized shell commands.

Executive summary

OpenClaw contains a critical command injection flaw that allows attackers to bypass security allowlists by rebuilding command arguments after initial validation.

Vulnerability

This is a command injection vulnerability in which the shell wrapper's argv can be modified between the approval phase and the final execution. Because the check and the use are separated in time (a time-of-check to time-of-use, or TOCTOU, discrepancy), an attacker can execute command shapes that were never approved.
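The defensive pattern that closes this gap, added here as an illustration and not OpenClaw's own code: the approval step returns a MAC over the exact argv it validated, and the execution step refuses any argv whose MAC no longer matches, so the approved command shape and the executed one cannot diverge. The allowlist, key, function names and sample commands are constructed for the example.

```python
import hashlib
import hmac
import json
import subprocess
from typing import Sequence

# Constructed sample allowlist of permitted executables (not OpenClaw's real policy).
ALLOWLIST = {"ls", "cat", "echo"}


class ArgvTamperedError(PermissionError):
    """Raised when the argv presented for execution differs from the approved one."""


def _canonical(argv: Sequence[str]) -> bytes:
    # Deterministic byte encoding of the whole vector, so ["echo", "a b"] and
    # ["echo", "a", "b"] cannot produce the same MAC.
    return json.dumps(list(argv), separators=(",", ":")).encode()


def approve(argv: Sequence[str], key: bytes) -> str:
    """Check phase: validate the command shape, then return a MAC bound to this exact argv."""
    if not argv or argv[0] not in ALLOWLIST:
        raise PermissionError(f"executable not allowlisted: {argv[0] if argv else '<empty>'}")
    return hmac.new(key, _canonical(argv), hashlib.sha256).hexdigest()


def select_flawed(approved: bool, rebuilt_argv: Sequence[str]) -> list[str]:
    """Flawed use phase: approval is carried as a bare boolean, so whatever argv is
    rebuilt after the check is what runs (the TOCTOU shape the advisory describes)."""
    if not approved:
        raise PermissionError("command was not approved")
    return list(rebuilt_argv)


def select_bound(argv: Sequence[str], token: str, key: bytes) -> list[str]:
    """Hardened use phase: recompute the MAC over the argv about to run and refuse
    anything that is not byte-for-byte the argv that was approved."""
    expected = hmac.new(key, _canonical(argv), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token):
        raise ArgvTamperedError("argv changed between approval and execution")
    return list(argv)


def run_bound(argv: Sequence[str], token: str, key: bytes) -> subprocess.CompletedProcess:
    # shell=False: the list is handed to the executable directly, never re-parsed by a shell.
    return subprocess.run(select_bound(argv, token, key), shell=False, capture_output=True, text=True)
```

The token from approve travels with the request; any code path that rebuilds the argument list afterwards produces a different canonical form and is rejected before anything runs.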

Business impact

The ability to inject and execute arbitrary commands carries a high risk of full system compromise. With a CVSS score of 8.8, this vulnerability allows attackers to bypass intended security controls, potentially leading to unauthorized data exfiltration, malware installation, or persistent system access.

Remediation

Immediate Action: Apply the vendor-provided security update, version 2026.5.18, which corrects the command argument validation logic.

Proactive Monitoring: Audit system logs for unexpected shell commands or anomalous command-line arguments being executed by the OpenClaw process.

Compensating Controls: Implement strict OS-level execution policies or sandboxing to limit the impact of potential command injection attempts.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the potential for arbitrary code execution, this vulnerability should be treated with high urgency. Administrators must prioritize patching to version 2026.5.18 to ensure command execution integrity and prevent bypass of established security policies.