wid-sec-w-2026-0727 · Published 2026-03-15 · View on BSI CERT-Bund ↗

OpenClaw: Multiple Vulnerabilities

CVSS 9.4 CRITICAL

Risk Summary

OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays extracted shell payloads instead of the executed argv. Attackers can place wrapper binaries and induce wrapper-shaped commands to execute local code after operators approve misleading command text.

CVEs (11)

CVE-2026-22172 CVE-2026-32914 CVE-2026-32915 CVE-2026-32917 CVE-2026-32971 CVE-2026-32972 CVE-2026-32974 CVE-2026-32980 CVE-2026-32988 CVE-2026-33572 CVE-2026-33573

Affected Vendors

Open Source

Affected Products (2)

Open Source · OpenClaw <2026.3.13

Open Source · OpenClaw 2026.3.13

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more