CVE-2026-53848
Published
CVSS v3
4.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute wrapper-level side effects outside allowlisted command intent. Attackers can craft command requests that bypass allowlist validation by leveraging transparent command wrappers to perform unintended operations.
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
GitHub