CVE-2026-28470 CRITICAL

CVE-2026-28470: OpenClaw < 2026.2.2 - Exec Allowlist Bypass via Command Substitution in Double Quotes

Vendor Openclaw
Product OpenClaw
Weakness CWE-78
Published March 5, 2026
Last update April 22, 2026

CVSS base score

9.2/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

Description

OpenClaw versions prior to 2026.2.2 contain an allowlist bypass in the exec approvals feature (which must be enabled for the allowlist to apply). An attacker can bypass the allowlist protection and execute arbitrary commands by embedding unescaped command substitution syntax, $() or backticks, inside a double-quoted string: the allowlist accepts the command, but the shell still expands the substitution and runs the unauthorized command.
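As an added, defender-side illustration (this is not OpenClaw's code; the allowlist contents and the "compare only the first word" check are constructed assumptions about how such a filter can be structured), the following Python shows why matching only the executable name is insufficient and how a quote-aware scan rejects any substitution that a POSIX shell would still expand inside double quotes:

```python
import shlex

# Hypothetical allowlist of permitted executables (constructed for this example).
ALLOWLIST = {"ls", "echo", "cat"}


def find_command_substitutions(cmd: str) -> list[tuple[int, str]]:
    """Return (offset, kind) for every $( or backtick a POSIX shell would still
    expand: those outside quotes or inside double quotes, unless escaped with a
    backslash. Single-quoted text is inert and is skipped entirely."""
    hits = []
    in_single = in_double = False
    i = 0
    while i < len(cmd):
        ch = cmd[i]
        if in_single:
            if ch == "'":
                in_single = False
        elif ch == "\\":
            # Backslash escapes the next character both unquoted and in double quotes.
            i += 2
            continue
        elif ch == '"':
            in_double = not in_double
        elif ch == "'" and not in_double:
            in_single = True
        elif ch == "$" and cmd.startswith("$(", i):
            hits.append((i, "$()"))
        elif ch == "`":
            hits.append((i, "backtick"))
        i += 1
    return hits


def first_word_allowed(cmd: str) -> bool:
    """The weak check: only the executable name is compared to the allowlist.
    It approves 'echo "$(id)"' because shlex yields 'echo' as the first word
    and treats the double-quoted substitution as an ordinary argument."""
    try:
        words = shlex.split(cmd)
    except ValueError:
        return False
    return bool(words) and words[0] in ALLOWLIST


def exec_allowed(cmd: str) -> bool:
    """Hardened check: the allowlisted executable must be the only thing that
    runs, so reject any substitution the shell would expand."""
    return first_word_allowed(cmd) and not find_command_substitutions(cmd)
```

The scan is deliberately conservative: it also flags `$((` arithmetic and treats an unterminated quote as a parse failure, so anything the filter cannot reason about is denied rather than approved.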

Key dates

Disclosure timeline

March 5, 2026 CVE published
April 22, 2026 Record updated