CVE-2026-27486
OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes can be terminated if they match the pattern. The CLI runner cleanup helpers can kill processes matched by command-line patterns without validating process ownership. This issue has been fixed in version 2026.2.14.
| CWE | CWE-283 |
| Vendor | openclaw |
| Product | openclaw |
| Published | Feb 21, 2026 |
| Last Updated | Feb 24, 2026 |
Stay Ahead of the Next One
Get instant alerts for openclaw openclaw
Be the first to know when new unknown vulnerabilities affecting openclaw openclaw are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
openclaw / openclaw
< 2026.2.14
References
github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8 github.com: https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557 github.com: https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66 github.com: https://github.com/openclaw/openclaw/releases/tag/v2026.2.14