Remote Code Execution Vulnerability in OpenClaw by OpenClaw
CVE-2026-28466
What is CVE-2026-28466?
CVE-2026-28466 is a remote code execution vulnerability found in OpenClaw, a software solution developed by OpenClaw. This software is designed to facilitate automation and orchestration tasks for development and deployment processes in various IT environments. The vulnerability arises from a failure to properly sanitize approval fields in gateway commands, specifically in the node.invoke parameters. As a result, authenticated users can bypass necessary execution approval mechanisms for system commands. This allows an attacker with valid gateway credentials to inject malicious approval controls and execute arbitrary commands on connected node hosts, which can lead to severe security breaches including the compromise of developer workstations and continuous integration (CI) runners.
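The defect class described above is a gateway that takes its approval decision from a field the client controls. The following is an added illustration, not OpenClaw's code: a minimal gateway-side handler for a node.invoke style message, shown first in the weak form (approval read from the request) and then hardened so that approval state can only come from a server-side ledger. The message layout, the field names "node", "command" and "approved", and the ledger API are assumptions made for this example; the sample messages are constructed, not captured traffic.

```python
# Added illustration, not OpenClaw's code: a gateway handler that refuses to take
# approval state from the request, which is the defect class the advisory
# describes for node.invoke. Field names and the ledger API are assumptions.
import json
from dataclasses import dataclass, field

# Constructed sample messages (not captured traffic). The first carries a
# client-supplied approval field; the second is the same command without it.
REQUEST_WITH_CLIENT_APPROVAL = json.dumps({
    "method": "node.invoke",
    "params": {"node": "ci-runner-1", "command": "uname -a", "approved": True},
})
REQUEST_CLEAN = json.dumps({
    "method": "node.invoke",
    "params": {"node": "ci-runner-1", "command": "uname -a"},
})

# Only these parameter names may come from the client. Any other field is a
# reason to reject the whole request, never something to merge into server state.
CLIENT_SUPPLIED_PARAMS = {"node", "command"}


@dataclass
class ApprovalLedger:
    """Server-side record of which (node, command) pairs an operator approved.
    This, not the request body, is the only source of truth for approval."""
    approved: set = field(default_factory=set)

    def grant(self, node: str, command: str) -> None:
        self.approved.add((node, command))

    def is_approved(self, node: str, command: str) -> bool:
        return (node, command) in self.approved


def handle_invoke_vulnerable(raw: str) -> tuple:
    """The weak pattern: the approval decision is read from the request, so any
    authenticated caller can mark its own command as already approved."""
    params = json.loads(raw)["params"]
    if params.get("approved"):
        return ("execute", params["node"], params["command"])
    return ("pending_approval", params["node"], params["command"])


def handle_invoke_hardened(raw: str, ledger: ApprovalLedger) -> tuple:
    """Hardened handler: allow-list the client parameters, reject any request
    that tries to carry approval state, and consult the server-side ledger."""
    msg = json.loads(raw)
    if msg.get("method") != "node.invoke":
        return ("rejected", "unsupported method")
    params = msg.get("params")
    if not isinstance(params, dict):
        return ("rejected", "params must be an object")
    unexpected = set(params) - CLIENT_SUPPLIED_PARAMS
    if unexpected:
        # Worth logging: a caller supplied fields it has no business setting.
        return ("rejected", "client-controlled fields: " + ", ".join(sorted(unexpected)))
    missing = CLIENT_SUPPLIED_PARAMS - set(params)
    if missing:
        return ("rejected", "missing fields: " + ", ".join(sorted(missing)))
    node, command = params["node"], params["command"]
    if not (isinstance(node, str) and isinstance(command, str)):
        return ("rejected", "node and command must be strings")
    if not ledger.is_approved(node, command):
        return ("pending_approval", node, command)
    return ("execute", node, command)


if __name__ == "__main__":
    ledger = ApprovalLedger()
    print(handle_invoke_vulnerable(REQUEST_WITH_CLIENT_APPROVAL))
    print(handle_invoke_hardened(REQUEST_WITH_CLIENT_APPROVAL, ledger))
    print(handle_invoke_hardened(REQUEST_CLEAN, ledger))
    ledger.grant("ci-runner-1", "uname -a")
    print(handle_invoke_hardened(REQUEST_CLEAN, ledger))
```

The hardened handler returns a status tuple rather than executing anything, so the same function can sit in front of real dispatch or be unit-tested offline. The design point is that the request is only allowed to name what to run and where; whether it may run is decided from state the client never writes to, and a request that even carries an approval field is rejected outright, which also gives a clean detection signal for callers probing the approval check.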
Potential impact of CVE-2026-28466
- Arbitrary Code Execution: The vulnerability allows attackers with valid access to execute unauthorized commands on vulnerable hosts. This could lead to complete system compromise and the ability to deploy further malware or backdoors.
- Compromise of Development Environments: Since the flaw can affect developer workstations and CI runners, it poses a serious risk to the integrity and security of software development processes. An attacker could manipulate development workflows or introduce vulnerabilities into production software.
- Data Breach and Leakage: Exploitation of this vulnerability could result in unauthorized access to sensitive data stored on compromised systems. This leakage could expose intellectual property, user information, and other confidential data, leading to potential legal and financial repercussions for affected organizations.

Affected Version(s)
OpenClaw 0 < 2026.2.14
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved
