Execution Path Bypass Vulnerability in OpenClaw
CVE-2026-28363

9.9 CRITICAL

Key Information:

Vendor: Openclaw
Status: Vendor
CVE Published: 27 February 2026

What is CVE-2026-28363?

OpenClaw before version 2026.2.23 allows attackers to bypass validation in the tools.exec.safeBins feature. The check does not account for GNU long-option abbreviations, so execution paths that should require explicit approval can be reached without it: the exact string '--compress-program' is correctly denied, but an abbreviation such as '--compress-prog' is accepted, which puts system integrity at serious risk.
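As an added illustration (not OpenClaw's code), the following Python models the flawed exact-string denylist beside an abbreviation-aware check; only '--compress-program' comes from the advisory, while the denylist contents, argv samples and function names are assumptions.

```python
"""Constructed example: why an exact-string denylist misses GNU long-option
abbreviations, and a prefix-aware check that does not.

glibc's getopt_long() accepts any unambiguous prefix of a long option, so a
binary that rejects '--compress-program' by exact comparison still honours
'--compress-prog', '--compress-p' or '--compress-prog=CMD'.
"""

# Hypothetical denylist of long options that would let a "safe" binary launch
# another command. Only '--compress-program' is taken from the advisory.
DENIED_LONG_OPTS = {"--compress-program"}

# We cannot know every option the target binary defines, so we cannot tell
# which prefixes getopt_long would consider ambiguous. Conservative rule:
# any prefix of a denied option counts as that option.
MIN_PREFIX = 1


def exact_match_denied(arg: str) -> bool:
    """The flawed check: only the full spelling is rejected."""
    return arg in DENIED_LONG_OPTS


def abbreviation_aware_denied(arg: str) -> bool:
    """Hardened check: also rejects '--opt=value' and any abbreviation."""
    if not arg.startswith("--"):
        return False
    name = arg.split("=", 1)[0]  # drop an attached '=value'
    stem = name[2:]
    if len(stem) < MIN_PREFIX:
        return False
    return any(opt[2:].startswith(stem) for opt in DENIED_LONG_OPTS)


def argv_is_allowed(argv, check=abbreviation_aware_denied) -> bool:
    """True if no argument after the program name hits the denylist.

    A bare '--' ends option parsing for getopt_long, so anything after it is
    positional and cannot select a long option.
    """
    for arg in argv[1:]:
        if arg == "--":
            break
        if check(arg):
            return False
    return True
```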

Affected Version(s)

OpenClaw, all versions from 0 up to but not including 2026.2.23

CVSS V3.1

Score: 9.9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published
  • Vulnerability Reserved