PT-2026-26239 · Openclaw+1
Tdjackey · Published 2026-03-02 · Updated 2026-03-22
CVE-2026-31999
CVSS v4.0: 9.3 Critical
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
OpenClaw versions 2026.2.26 through 2026.3.1
Description
OpenClaw on Windows contains a current working directory injection flaw in wrapper resolution for .cmd/.bat files. This allows attackers to influence execution behavior through current working directory (cwd) manipulation. Improper shell execution fallback mechanisms can lead to command execution integrity loss by controlling the cwd during wrapper resolution. The issue affects Windows ACPX paths where wrapper resolution for .cmd/.bat files could fall back to shell execution, enabling cwd influence to alter execution behavior.
Recommendations
OpenClaw versions 2026.2.26 through 2026.3.1 should be updated to version 2026.3.1.
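An added illustration of the hardening the description points to (not OpenClaw's code or its actual fix): a resolver that maps a bare command name to an absolute .cmd/.bat path using only drive-absolute PATH entries outside the working directory, and fails closed instead of falling back to a shell, where cmd.exe would search the current directory first. The names resolveWrapper and isTrustedDir, the policy of distrusting everything under cwd, and all sample paths are assumptions.

```javascript
// Added example: hypothetical resolver, not OpenClaw's code.
// Pure string handling so the Windows rules can be exercised on any host.
const norm = (p) => p.replace(/\//g, "\\").replace(/\\+$/, "").toLowerCase();

function isTrustedDir(dir, cwd) {
  // Only drive-absolute entries: "", ".", "bin" and "\tools" all depend on cwd.
  if (!/^[a-z]:[\\/]/i.test(dir)) return false;
  // Dot segments could walk back into cwd, so reject them outright.
  if (dir.split(/[\\/]/).some((s) => s === "." || s === "..")) return false;
  const d = norm(dir), c = norm(cwd);
  // Assumed policy: cwd and everything beneath it is untrusted.
  return d !== c && !d.startsWith(c + "\\");
}

function resolveWrapper(name, { pathEnv, cwd, exists, pathExt = ".COM;.EXE;.BAT;.CMD" }) {
  // Bare names only: a separator or drive prefix would bypass the PATH filter.
  if (!name || /[\\/:]/.test(name)) throw new Error(`not a bare command name: ${name}`);
  const exts = /\.[^.]+$/.test(name) ? [""] : pathExt.split(";").filter(Boolean);
  for (const dir of pathEnv.split(";")) {
    if (!isTrustedDir(dir, cwd)) continue;
    for (const ext of exts) {
      const candidate = dir.replace(/[\\/]+$/, "") + "\\" + name + ext;
      if (exists(candidate)) return candidate; // absolute path, never cwd-relative
    }
  }
  // Fail closed instead of handing the bare name to a shell.
  throw new Error(`no wrapper for ${name} in a trusted PATH directory`);
}

// Constructed sample: the workspace (cwd) holds a planted npm.cmd, and PATH
// contains several entries that would resolve into that workspace.
function demo() {
  const cwd = "C:\\work\\repo";
  const files = new Set([
    "c:\\work\\repo\\npm.cmd",
    "c:\\work\\repo\\bin\\npm.cmd",
    "c:\\tools\\node\\npm.cmd",
  ]);
  const exists = (p) => files.has(norm(p)); // stand-in for a filesystem check
  const pathEnv = [".", "", "bin", cwd, cwd + "\\bin", "C:\\Tools\\node\\"].join(";");
  return resolveWrapper("npm", { pathEnv, cwd, exists });
}
```
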
Fix
OS Command Injection
Weakness Enumeration
Related Identifiers
Affected Products
Openclaw
Windows