PT-2026-26002 · Openclaw

Tdjackey · Published 2026-02-21 · Updated 2026-03-18 · CVE-2026-22168

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: OpenClaw, versions prior to 2026.2.21

Description: OpenClaw's system.run function contains an approval-integrity mismatch in how it handles commands run through cmd.exe /c. The text presented for approval reflects only a benign command, while the argument tail actually handed to cmd.exe /c is not constrained to match that text. An authenticated operator can therefore append arbitrary trailing arguments after cmd.exe /c, obtain approval under the benign text, and achieve local command execution on trusted Windows nodes. The same mismatch appears in the audit log: the recorded command does not accurately reflect the command that was executed. The vulnerable component is the system.run function; the root cause is the handling of the arguments passed to cmd.exe /c.

Recommendations: Update installations running versions prior to 2026.2.21 to version 2026.2.21 or later. For the fix itself and for similar code paths: canonicalize the full command tail after cmd.exe /c rather than a prefix of it; route validation, approval matching, and the execution and audit text through one shared canonicalization and validation path, so that the approver, the executor and the log all see the same command string; and add regression coverage for trailing-argument smuggling and for binding an approval to the exact command that runs.
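The approval-binding fix described above, as an added TypeScript example (this is not OpenClaw's own code; the type and function names, the argv shape and the approval record are assumptions made for illustration): a naive approval renderer that shows only the first token after /c, beside a canonicalization routine shared by the approval prompt, the execution gate and the audit record.

```typescript
import { createHash } from "node:crypto";

// Illustrative model of a system.run-style tool that shells out through
// `cmd.exe /c`. Every name here (Argv, Approval, AuditEntry, the functions)
// is an assumption for this example, not OpenClaw's API.
export type Argv = readonly string[];

export interface Approval {
  readonly command: string; // canonical text the approver actually saw
  readonly digest: string;  // sha256 of that text; binds the approval to it
}

export interface AuditEntry {
  readonly approved: string;
  readonly executed: string;
  readonly matched: boolean;
}

const sha256 = (s: string): string =>
  createHash("sha256").update(s, "utf8").digest("hex");

// VULNERABLE pattern: the approval text is derived from only the first token
// after `/c`, while execution receives the whole argv. For
// ["cmd.exe","/c","dir","&","whoami"] the approver sees "dir" but cmd.exe
// runs `dir & whoami`.
export function approvalTextNaive(argv: Argv): string {
  const i = argv.findIndex((a) => a.toLowerCase() === "/c");
  const next = argv[i + 1];
  return i >= 0 && next !== undefined ? next : argv.join(" ");
}

// Quote a tail token containing whitespace or a double quote so that the
// single token "dir & whoami" and the three tokens dir, &, whoami can never
// render to the same canonical text. This is a display/matching canonical
// form, not a general cmd.exe escaping routine.
function quoteToken(t: string): string {
  return /[\s"]/.test(t) ? `"${t.replace(/"/g, '\\"')}"` : t;
}

// HARDENED pattern: one canonical rendering of the FULL command tail, used
// for validation, approval matching and the audit record alike.
export function canonicalCommand(argv: Argv): string {
  if (argv.length < 3) throw new Error("expected cmd.exe /c <tail>");
  const exe = (argv[0] ?? "").replace(/^.*[\\/]/, "").toLowerCase();
  if (exe !== "cmd.exe" && exe !== "cmd") {
    throw new Error(`unexpected interpreter: ${argv[0]}`);
  }
  if ((argv[1] ?? "").toLowerCase() !== "/c") {
    throw new Error(`expected /c switch, got ${argv[1]}`);
  }
  return `cmd.exe /c ${argv.slice(2).map(quoteToken).join(" ")}`;
}

// Tail tokens cmd.exe would treat as command separators, redirections or
// escapes. Surface them in the approval prompt instead of passing silently.
export function chainingTokens(argv: Argv): string[] {
  return argv.slice(2).filter((t) => /[&|<>^]/.test(t));
}

export function requestApproval(argv: Argv): Approval {
  const command = canonicalCommand(argv);
  return { command, digest: sha256(command) };
}

// Execution gate: recompute the canonical text from the argv that is about
// to run and refuse unless it is exactly what was approved. The audit entry
// carries both strings, so any mismatch is visible in the log.
export function gateExecution(argv: Argv, approval: Approval): AuditEntry {
  const executed = canonicalCommand(argv);
  return {
    approved: approval.command,
    executed,
    matched: sha256(executed) === approval.digest,
  };
}

// Constructed demonstration input (not captured from any real system).
const benign: Argv = ["cmd.exe", "/c", "dir"];
const smuggled: Argv = ["cmd.exe", "/c", "dir", "&", "whoami"];
const approval = requestApproval(benign);
console.log("naive approval text for smuggled argv:", approvalTextNaive(smuggled));
console.log("canonical text for smuggled argv:     ", canonicalCommand(smuggled));
console.log("chaining tokens to flag:              ", chainingTokens(smuggled));
console.log("gate result:", gateExecution(smuggled, approval));
```

The point of the digest is that the approval cannot be satisfied by anything other than the byte-for-byte canonical string the approver saw; because the same canonicalCommand produces the audit text, the log can no longer disagree with what ran.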

Status: Fix available

Weakness Enumeration: Argument Injection; Incorrect Authorization

Related Identifiers

BDU:2026-05054
CVE-2026-22168
GHSA-5V6X-RFC3-7QFR

Affected Products

Openclaw
Windows