PT-2026-23541 · Openclaw · Openclaw

222N5

Published 2026-03-02 · Updated 2026-03-09

CVE-2026-28466

CVSS v3.1: 9.9 Critical
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.14

Description: The gateway component fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject approval control fields to execute arbitrary commands on connected node hosts, potentially compromising developer workstations and CI runners.

The gateway forwarded user-controlled params to node hosts without sanitizing internal approval fields. The node host treated params.approved === true and/or params.approvalDecision as sufficient to skip the approval workflow. The affected component is the gateway method node.invoke for the node command system.run.

Recommendations: Upgrade to OpenClaw version 2026.2.14 or later. Restrict access to the gateway. Rotate gateway credentials if you suspect token exposure. Disable remote command execution on nodes by blocking system.run at the gateway and/or by configuring node exec security to deny.
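The defect and the two recommended mitigations, written out as an added illustration (this is not OpenClaw's code and does not reflect its real API). The advisory names only the fields params.approved and params.approvalDecision and the command system.run; the function names, the request shape, the trustedDecision value and the policy object are assumptions. The vulnerable node-side check trusts client-supplied params for the approval decision; the hardened path strips those fields at the gateway, lets the node host take its approval decision only from its own workflow, and offers the gateway-level block on system.run that the recommendations describe.

```javascript
// Added example (not OpenClaw's code). Field names other than `approved`
// and `approvalDecision`, and every function/object name, are assumptions.

// Internal approval fields that only the gateway's approval workflow may set;
// they must never reach a node host from a client request.
const INTERNAL_APPROVAL_FIELDS = new Set(["approved", "approvalDecision"]);

// Vulnerable node-side check, as the advisory describes it: the client's own
// params decide whether the approval workflow is skipped.
function vulnerableNeedsApproval(params) {
  if (params.approved === true) return false;
  if (params.approvalDecision !== undefined) return false;
  return true;
}

// Hardened node-side check: params are deliberately ignored for this decision.
// `trustedDecision` stands for a value the node host obtains from its own
// approval workflow (assumed shape: { approved: boolean }, or undefined).
function hardenedNeedsApproval(params, trustedDecision) {
  void params; // client-controlled input never influences approval
  return !(trustedDecision && trustedDecision.approved === true);
}

// Gateway-side sanitizer: drop internal approval fields from user-controlled
// params before forwarding node.invoke to a node host. Returns a fresh object
// (the caller's input is not mutated) plus the list of stripped keys, which is
// worth logging: a client sending these fields is a detection signal.
function sanitizeNodeInvokeParams(params) {
  const clean = {};
  const stripped = [];
  for (const [key, value] of Object.entries(params ?? {})) {
    if (INTERNAL_APPROVAL_FIELDS.has(key)) {
      stripped.push(key);
      continue;
    }
    clean[key] = value;
  }
  return { params: clean, stripped };
}

// Gateway policy hook matching the advisory's recommendation: refuse
// system.run entirely when the operator has disabled remote exec.
function gatewayAllowsCommand(command, policy) {
  if (policy.blockSystemRun && command === "system.run") return false;
  return true;
}

// End-to-end gateway handling of one node.invoke request (assumed shape:
// { command, params }). Returns what the hardened path would decide.
function handleNodeInvoke(request, policy, trustedDecision) {
  if (!gatewayAllowsCommand(request.command, policy)) {
    return { forwarded: false, reason: "system.run blocked by gateway policy" };
  }
  const { params, stripped } = sanitizeNodeInvokeParams(request.params);
  const needsApproval = hardenedNeedsApproval(params, trustedDecision);
  return { forwarded: true, stripped, needsApproval, params };
}

// Constructed request: a client request that carries the internal approval
// fields alongside a harmless command, to show what the gateway must strip.
const constructedRequest = {
  command: "system.run",
  params: { cmd: "echo hi", approved: true, approvalDecision: "allow" },
};

console.log(JSON.stringify(handleNodeInvoke(constructedRequest, { blockSystemRun: false }, undefined)));
console.log(JSON.stringify(handleNodeInvoke(constructedRequest, { blockSystemRun: true }, undefined)));
```

Two points the example makes concrete: sanitizing at the gateway alone is not enough if the node host still reads approval state from params (a second gateway, or a misconfigured one, would reintroduce the bypass), so the node-side check is changed as well; and the `stripped` list gives operators a cheap audit signal, since legitimate clients have no reason to send those fields.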

Fix

RCE

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-28466
GHSA-GV46-4XFQ-JV58

Affected Products

Openclaw