CVE-2026-26325

HIGH 7.2

OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals

CVSS Score

7.2

EPSS Score

0.0%

EPSS Percentile

0th

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between `rawCommand` and `command[]` in the node host `system.run` handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node host / companion node execution path (`system.run` on a node), enable allowlist-based exec policy (`security=allowlist`) with approval prompting driven by allowlist misses (for example `ask=on-miss`), allow an attacker to invoke `system.run`. Default/non-node configurations are not affected. Version 2026.2.14 enforces `rawCommand`/`command[]` consistency (gateway fail-fast + node host validation).

CWE	CWE-284
Vendor	openclaw
Product	openclaw
Published	Feb 19, 2026
Last Updated	Feb 20, 2026

Stay Ahead of the Next One

Get instant alerts for openclaw openclaw

Be the first to know when new high vulnerabilities affecting openclaw openclaw are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

openclaw / openclaw

< 2026.2.14

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-h3f9-mjwj-w476 github.com: https://github.com/openclaw/openclaw/commit/cb3290fca32593956638f161d9776266b90ab891 github.com: https://github.com/openclaw/openclaw/releases/tag/v2026.2.14