#VU125113 OS Command Injection in OpenClaw - CVE-2026-31999


Published: April 8, 2026


Vulnerability identifier: #VU125113
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-31999
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenClaw
Software vendor: OpenClaw

Description

The vulnerability allows a remote attacker to execute unintended commands on the target system.

The vulnerability exists due to command injection in ACPX Windows wrapper resolution. When ACPX runs a .cmd/.bat wrapper on Windows, it falls back to the shell (cmd.exe) to launch it, and the shell resolves the wrapper name at run time. cmd.exe looks for an unqualified command name in the current directory before walking PATH, so the file that actually runs depends on the working directory. A remote attacker who can influence the current working directory in which ACPX runs (for example through a workspace it is pointed at) can therefore alter execution behavior and execute unintended commands.

Only ACPX configurations on Windows are affected; the .cmd/.bat shell fallback is not used on other platforms.


Remediation

Install the security update from the vendor's website.

External links