PT-2026-23545 · Openclaw · Openclaw

Petr Simecek

·

Published

2026-02-17

·

Updated

2026-03-17

·

CVE-2026-28470

CVSS v3.1

9.8

Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.2
Description: The exec approvals allowlist in OpenClaw can be bypassed with shell command substitution. The allowlist analysis does not reject unescaped $() or backticks that appear inside a double-quoted string, but the shell still expands both forms inside double quotes. An attacker can therefore place an allowlisted command name first and embed arbitrary commands in a double-quoted argument of it, e.g. a $(...) or `...` sequence; the allowlist approves the command and the shell executes the embedded commands. Only installations with the exec approvals allowlist feature explicitly enabled are affected.
Recommendations: Update to OpenClaw 2026.2.2 or later, in which the allowlist analysis rejects unescaped $() and backticks inside double quotes.
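Worked example of the flaw and the recommended fix. This is an illustration added to this page, not OpenClaw's own code: the allowlist contents, the function names (scan, isAllowedVulnerable, isAllowedHardened) and the minimal POSIX-style quote tracking are assumptions made for the example. The vulnerable check compares the command name against the allowlist and refuses a bare $() or backtick, but treats a double-quoted argument as an opaque literal; the hardened check additionally refuses unescaped $() and backticks inside double quotes, as the advisory recommends. Single-quoted strings are not expanded by the shell, so they are left alone in both versions.

```typescript
// Added illustration, not OpenClaw's code: the allowlist contents, the
// function names and the tokenizer below are assumptions made for this page.

const ALLOWLIST: ReadonlySet<string> = new Set(["echo", "ls", "cat"]);

interface ScanResult {
  argv0: string | null;       // command name after quote removal
  unquotedSubst: boolean;     // $( or backtick found outside any quotes
  doubleQuotedSubst: boolean; // $( or backtick found inside "...", which the shell still expands
}

// One pass over the command line with POSIX quoting rules: '...' is fully
// literal, "..." still expands $(...) and `...`, and a backslash escapes the
// next character (inside "..." only $, `, " and \ can be escaped).
function scan(cmd: string): ScanResult {
  const res: ScanResult = { argv0: null, unquotedSubst: false, doubleQuotedSubst: false };
  let cur = "";
  let inWord = false;
  let inSingle = false;
  let inDouble = false;

  const endWord = (): void => {
    if (inWord && res.argv0 === null) res.argv0 = cur;
    cur = "";
    inWord = false;
  };

  for (let i = 0; i < cmd.length; i++) {
    const c = cmd.charAt(i);
    const next = cmd.charAt(i + 1); // "" at end of input

    if (inSingle) {
      if (c === "'") inSingle = false; else cur += c;
      continue;
    }
    if (c === "\\" && next !== "" && (!inDouble || '$`"\\'.includes(next))) {
      cur += next; // escaped character: literal, never starts a substitution
      inWord = true;
      i++;
      continue;
    }
    if (c === "`" || (c === "$" && next === "(")) {
      if (inDouble) res.doubleQuotedSubst = true; else res.unquotedSubst = true;
    }
    if (c === "'" && !inDouble) { inSingle = true; inWord = true; continue; }
    if (c === '"') { inDouble = !inDouble; inWord = true; continue; }
    if (!inDouble && (c === " " || c === "\t" || c === "\n")) { endWord(); continue; }
    cur += c;
    inWord = true;
  }
  endWord();
  return res;
}

// Pre-fix behaviour as the advisory describes it: the command name must be
// allowlisted and a bare $( or backtick is refused, but a double-quoted
// argument is treated as an opaque literal, so `echo "$(id)"` is approved.
function isAllowedVulnerable(cmd: string): boolean {
  const s = scan(cmd);
  return s.argv0 !== null && ALLOWLIST.has(s.argv0) && !s.unquotedSubst;
}

// Behaviour after the fix the advisory recommends: additionally refuse
// unescaped $( and backticks inside double quotes.
function isAllowedHardened(cmd: string): boolean {
  const s = scan(cmd);
  return s.argv0 !== null && ALLOWLIST.has(s.argv0) &&
    !s.unquotedSubst && !s.doubleQuotedSubst;
}

// Constructed sample commands; `id` stands in for any attacker-chosen command.
const SAMPLES: string[] = [
  'echo hello',          // allowlisted, no substitution
  'echo $(id)',          // bare substitution: both checks refuse
  'echo "$(id)"',        // the advisory's bypass: vulnerable approves, hardened refuses
  'echo "`id`"',         // same with backticks
  "echo '$(id)'",        // single quotes: literal, no expansion, both approve
  'echo "\\$(id)"',      // escaped $ inside double quotes: literal, both approve
  'rm -rf /',            // not allowlisted: both refuse
];
for (const cmd of SAMPLES) {
  console.log(cmd.padEnd(16), "vulnerable:", isAllowedVulnerable(cmd), "hardened:", isAllowedHardened(cmd));
}
```

The scanner only models the two syntaxes the advisory names ($() and backticks) and the quoting rules that decide whether the shell expands them; it is meant to show why "inside double quotes" matters, not to be a complete shell parser. An allowlist that gates commands passed to a real shell has to be at least as precise as that shell's own parsing, which is why the fixed version refuses anything the shell would still expand rather than trying to reason about what the expansion would do.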

Fix

Argument Injection

OS Command Injection


Weakness Enumeration

Related Identifiers

CVE-2026-28470
GHSA-3HCM-GGVF-RCH5

Affected Products

Openclaw