Command Truncation Vulnerability in OpenClaw by OpenClaw
CVE-2026-53829

8.5HIGH

Key Information:

Vendor

Openclaw

Status
Vendor
CVE Published:
12 June 2026

What is CVE-2026-53829?

OpenClaw prior to version 2026.5.18 introduces a command truncation issue where authenticated users can manipulate the display of approval commands. This allows them to obscure malicious command suffixes amid benign prefixes, leading to potential execution of unauthorized actions once the command is approved by the approvers.

Affected Version(s)

OpenClaw 0 < 2026.5.18

OpenClaw 2026.5.18

References

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

cantinagen
Ellahi (@Ellahinator)
.