CVE-2026-53831

HIGH NVD

CVSS Score 8.3

Severity HIGH

Published Jun 12, 2026

Vendor unknown

Description

OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-local files and expose sensitive configuration data.

References

https://github.com/openclaw/openclaw/security/advisories/GHSA-mhq8-78pj-5j79
https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-shell-expansion-in-system-run-safe-bin-allowlist