PT-2026-26221 · Openclaw · Openclaw

Tdjackey · Published 2026-02-19 · Updated 2026-03-21 · CVE-2026-22176

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.19

Description: OpenClaw contains a command injection issue in the Windows Scheduled Task script generation process. Environment variables are written to the gateway.cmd file using unquoted set KEY=VALUE assignments. This allows shell metacharacters within environment variable values to break out of the assignment context, potentially leading to arbitrary command execution when the scheduled task script is generated and executed. The issue arises because the environment values are not properly sanitized before being written to the script. Specifically, characters like &, |, ^, %, or ! can be used to inject commands. The vulnerability affects systems where configuration or environment values originate from untrusted sources, such as shared configuration templates or setup scripts. The fix involves rendering quoted assignments (set "KEY=VALUE") with explicit escaping for command metacharacters. The vulnerable code is located in src/daemon/schtasks.ts.

Recommendations: OpenClaw versions prior to 2026.2.19 should be updated to version 2026.2.19 or later.
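As an added illustration, not code from OpenClaw's src/daemon/schtasks.ts or from the advisory, the unquoted rendering the description refers to is shown beside a quoted form that handles what the quotes alone do not neutralise; function names and the policy of rejecting unrepresentable characters are assumptions made for this example.

```typescript
// Added illustration, not OpenClaw's own code: two ways of writing an
// environment variable into a generated gateway.cmd. Function names and
// the rejection policy below are assumptions for this example.

// Metacharacters the advisory names for breaking out of an unquoted
// "set KEY=VALUE" line, plus the quote and line breaks that would end
// a quoted assignment.
const CMD_META = /[&|^%!"\r\n]/;

// Vulnerable shape: the value is written verbatim into an unquoted
// assignment. A value such as "a & b" ends the set command at "&" and
// the remainder is parsed as a separate command when the script runs.
export function renderSetUnquoted(key: string, value: string): string {
  return `set ${key}=${value}`;
}

// Hardened shape: quoted assignment with explicit handling of what the
// quotes do not cover. Inside double quotes cmd treats & | ^ < > literally,
// but % expansion happens before quote parsing, so % is doubled (the
// batch-file rule). A double quote would close the assignment, CR/LF
// would start a new line, and ! depends on delayed expansion being off,
// so those are rejected rather than guessed at.
export function renderSetQuoted(key: string, value: string): string {
  if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {
    throw new Error(`invalid environment variable name: ${JSON.stringify(key)}`);
  }
  if (/["\r\n!]/.test(value)) {
    throw new Error(`unrepresentable character in value of ${key}`);
  }
  return `set "${key}=${value.replace(/%/g, "%%")}"`;
}

// Pre-render check for values that come from untrusted configuration:
// returns the keys whose values carry any of the listed metacharacters,
// so they can be logged or reviewed before a script is generated.
export function findSuspiciousEnv(env: Record<string, string>): string[] {
  return Object.keys(env).filter((k) => CMD_META.test(env[k]));
}

// Render a whole environment block for the task script, hardened form only.
export function renderEnvBlock(env: Record<string, string>): string {
  return Object.keys(env)
    .map((k) => renderSetQuoted(k, env[k]))
    .join("\r\n");
}
```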

Weakness Enumeration

OS Command Injection

Related Identifiers

BDU:2026-05027
CVE-2026-22176
GHSA-82GW-WQW6-R2CF
GHSA-PJ5X-38RW-6FPH

Affected Products

Openclaw