cbcvebase.
CVE-2026-28466
published 2026-03-05

CVE-2026-28466: OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters…

PriorityP267critical9.9CVSS 3.1
AVNACLPRLUINSCCHIHAH
EPSS
0.42%
33.7th percentile
OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject approval control fields to execute arbitrary commands on connected node hosts, potentially compromising developer workstations and CI runners.

Affected

2 ranges
VendorProductVersion rangeFixed in
openclawopenclaw< 2026.2.142026.2.14
openclawopenclaw>= 0 < 2026.2.142026.2.14

Detection & IOCsextracted from sources · hover to see the quote

  • Look for authenticated gateway requests to node.invoke that contain internal approval control fields (e.g., fields that would normally only be set server-side for exec approval gating) — their presence in client-supplied parameters indicates exploitation of CVE-2026-28466.
  • Monitor for system.run command execution originating from the OpenClaw gateway on connected node hosts (developer workstations, CI runners), especially where the invoking session is a gateway-authenticated client rather than a direct local process.
  • ·The vulnerability affects OpenClaw versions prior to 2026.2.14 (also known as Moltbot or Clawdbot); only authenticated clients with valid gateway credentials can exploit it — unauthenticated access is not sufficient.
  • ·The npm fix was added 2026-03-08 and the Homebrew fix was added 2026-03-10; environments using the openclaw package from either ecosystem should verify they are on 2026.2.14 or later.

CVSS provenance

nvdv3.19.9CRITICALCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv4.09.4CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.