CVE-2026-45004

OpenClaw · OpenClaw

OpenClaw is susceptible to arbitrary code execution due to an uncontrolled search path element.

Executive summary

An uncontrolled search path vulnerability in OpenClaw could allow an attacker to execute arbitrary code, potentially leading to a total system compromise.

Vulnerability

This vulnerability (CWE-427) involves an uncontrolled search path element where the application may load malicious files from the current working directory. The vulnerability requires user interaction to facilitate the loading of untrusted components.

Business impact

The ability for an attacker to achieve arbitrary code execution represents a significant security risk, potentially leading to full system compromise, data exfiltration, or installation of persistent backdoors. With a CVSS score of 7.8, this vulnerability poses a high risk to business operations and data security.

Remediation

Immediate Action: Update the OpenClaw npm package to version 2026.4.23 immediately.

Proactive Monitoring: Scan for anomalous processes or unexpected execution of scripts initiated by the OpenClaw service.

Compensating Controls: Restrict the permissions of the directory where the application is executed to prevent unauthorized modification of local files.

Exploitation status

Public Exploit Available: No (no confirmed public exploit in available data).

Analyst recommendation

The severity of this arbitrary code execution flaw necessitates immediate patching. Organizations should ensure all instances of the OpenClaw package are updated to version 2026.4.23 to eliminate this critical attack vector.