Description

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments through cmd.exe /c to achieve local command execution on trusted Windows nodes with mismatched audit logs.

INFO

Published Date :

2026-03-18T01:34:16.700Z

Last Modified :

2026-03-18T14:06:48.407Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2026-22168 vulnerability.

Vendors Products
Openclaw
  • Openclaw
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-22168.

URL Resource
https://github.com/openclaw/openclaw/commit/6007941f04df1edcca679dd6c95949744fdbd4df cve-icon cve-icon
https://github.com/openclaw/openclaw/security/advisories/GHSA-5v6x-rfc3-7qfr cve-icon cve-icon
https://www.vulncheck.com/advisories/openclaw-command-injection-via-cmd-exe-c-trailing-arguments-in-system-run cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact