CVE-2026-44999

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published May 11, 2026

Vendor unknown

Description

OpenClaw before 2026.4.20 fails to properly preserve untrusted labels for isolated cron awareness events, allowing webhook-triggered cron agent output to be recorded as trusted system events. Attackers can exploit this trust-labeling issue to strengthen prompt-injection attacks by rendering untrusted events as trusted System events.

References

https://github.com/openclaw/openclaw/commit/f61896b03cc7031f51106a04566831f4ac2a0bd7
https://github.com/openclaw/openclaw/security/advisories/GHSA-57r2-h2wj-g887
https://www.vulncheck.com/advisories/openclaw-improper-trust-labeling-in-isolated-cron-awareness-events