PatchSiren cyber security CVE debrief
CVE-2026-53866 OpenClaw CVE debrief
CVE-2026-53866 is a HIGH-severity (CVSS 7.6) allowlist bypass in OpenClaw's shell inline-command parsing. A command request that uses a shell inline-command form could route through a parser case that never produces the expected allowlist decision, so the shell content executes without the intended approval prompt. An authenticated operator can use this to run commands that were never approved.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: HIGH 7.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-16
- Original CVE updated: 2026-06-18
- Advisory published: 2026-06-16
- Advisory updated: 2026-06-18
Who should care
Anyone running OpenClaw before version 2026.5.12. The bypass requires an authenticated operator, so deployments that grant operator access to more than a single trusted administrator are the most exposed.
Technical summary
The flaw sits in OpenClaw's parsing of shell inline-command requests. Requests in other forms receive an allowlist decision, but a request written in a shell inline-command form can reach a parser case that never emits one. Because the approval prompt is driven by that decision, the shell content is executed without it: the allowlist is not defeated by a crafted entry, it is simply never consulted on that path.
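The pattern described above, as an added and constructed illustration that is not OpenClaw's code (the two request forms, the `bash -c` style shell inline form, the allowlist contents and every function name here are assumptions): a gate whose shell inline-command branch returns without an allowlist decision, beside a hardened version in which every parser case yields an explicit decision and anything but an explicit allow is routed to the approval prompt.

```python
"""Constructed illustration of the bug class described for CVE-2026-53866:
a command gate whose shell inline-command branch never reaches the allowlist
decision, so the caller runs the command without an approval prompt.
Not OpenClaw's code; the names, forms and allowlist below are assumptions."""
import shlex
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Decision(Enum):
    ALLOW = "allow"   # run immediately
    ASK = "ask"       # route to the operator approval prompt


# Assumed sample allowlist of commands that may run without a prompt.
ALLOWLIST = frozenset({"ls", "cat", "grep", "git"})
SHELLS = frozenset({"sh", "bash", "zsh"})
SEPARATORS = frozenset({"|", "&&", "||", ";"})   # split a script into simple commands


@dataclass
class Request:
    form: str                          # "plain" or "shell_inline"
    argv: list[str]                    # outer argv as typed by the operator
    decision: Optional[Decision] = None


def classify(text: str) -> Request:
    """Recognise the two request forms: plain argv, or a shell inline form
    such as `bash -c '<script>'` where argv[2] is the script."""
    argv = shlex.split(text)
    if len(argv) >= 3 and argv[0] in SHELLS and argv[1] in ("-c", "-lc"):
        return Request("shell_inline", argv)
    return Request("plain", argv)


def decide_vulnerable(req: Request) -> Request:
    """Buggy gate: only the plain form consults the allowlist. The shell inline
    case falls out of the function with req.decision still None."""
    if req.form == "plain":
        ok = bool(req.argv) and req.argv[0] in ALLOWLIST
        req.decision = Decision.ALLOW if ok else Decision.ASK
    return req


def gate_vulnerable(text: str) -> bool:
    """True when the command would execute without a prompt."""
    req = decide_vulnerable(classify(text))
    # BUG: tests for ASK, so a missing decision (None) is treated as approved.
    return req.decision != Decision.ASK


def evaluate_inline(script: str) -> Decision:
    """Allow a shell script only if every simple command in it is allowlisted
    and it contains no substitution, redirection, subshell or background job."""
    try:
        tokens = list(shlex.shlex(script, posix=True, punctuation_chars=True))
    except ValueError:                 # unbalanced quotes: never guess, prompt
        return Decision.ASK
    if not tokens:
        return Decision.ASK
    at_command_start = True
    for tok in tokens:
        if tok in SEPARATORS:
            at_command_start = True
            continue
        # `$`, backticks and punctuation such as ( ) < > & are not plain words.
        if not tok or "$" in tok or "`" in tok or not (tok[0].isalnum() or tok[0] in "-./_"):
            return Decision.ASK
        if at_command_start:
            if tok not in ALLOWLIST:
                return Decision.ASK
            at_command_start = False
    # A trailing separator leaves an unfinished command; prompt rather than guess.
    return Decision.ASK if at_command_start else Decision.ALLOW


def decide_fixed(req: Request) -> Request:
    """Hardened gate: every parser case produces an explicit decision."""
    if not req.argv:
        req.decision = Decision.ASK
    elif req.form == "plain":
        req.decision = Decision.ALLOW if req.argv[0] in ALLOWLIST else Decision.ASK
    elif req.form == "shell_inline":
        req.decision = evaluate_inline(req.argv[2])
    else:                              # unknown form: default deny
        req.decision = Decision.ASK
    return req


def gate_fixed(text: str) -> bool:
    """True only on an explicit ALLOW; None or any other value means prompt."""
    return decide_fixed(classify(text)).decision is Decision.ALLOW
```

With this constructed gate, `gate_vulnerable("bash -c 'rm -rf /tmp/x'")` runs without a prompt even though `rm` is not allowlisted, while `gate_fixed` sends it to the prompt. Two design choices do the work: the caller compares against the one value that means "run" rather than against the one that means "ask", so a branch that forgets to decide fails closed, and the inline script is treated as opaque shell, so any substitution, redirection or unlisted command in a pipeline is enough to require approval.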
Defensive priority
HIGH
Recommended defensive actions
- Update OpenClaw to version 2026.5.12 or later.
- Review and restrict authenticated operator access to sensitive functionality.
- Monitor OpenClaw logs for shell inline-command requests, in particular shell content that executed without a matching approval prompt.
Evidence notes
The CVE-2026-53866 record was obtained from the official CVE database and the NVD detail page. Additional information was sourced from VulnCheck's advisory on the vulnerability.
Official resources
CVE-2026-53866 was published on 2026-06-16T19:17:05.023Z and modified on 2026-06-16T20:42:46.200Z.