PT-2026-57902 · Openclaw · Openclaw
Chinmohan Nayak
·
Published
2026-07-13
·
Updated
2026-07-13
·
CVE-2026-62200
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenClaw versions prior to 2026.6.6
Description
A flaw in host exec environment filtering allows the Git ext transport to be abused. If the affected feature is enabled and reachable, a lower-trust caller or a configured input path can execute or persist actions that exceed the caller's intended authorization.
Recommendations
Update to version 2026.6.6 or later.
Fix
Incomplete List of Disallowed Inputs
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openclaw