PT-2026-57902 · Openclaw · Openclaw

Chinmohan Nayak

·

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-62200

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.6.6
Description A flaw in host exec environment filtering allows the Git ext transport to be abused. If the affected feature is enabled and reachable, a lower-trust caller or a configured input path can execute or persist actions that exceed the caller's intended authorization.
Recommendations Update to version 2026.6.6 or later.

Fix

Incomplete List of Disallowed Inputs

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-62200

Affected Products

Openclaw