CVE ID :CVE-2026-53866 Published : June 16, 2026, 6:05 p.m. | 1 hour, 3 minutes ago Description :OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-53866 - OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command Parsing

VERWANDTEARTIKEL

CVE-2026-53864 - OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control Variables

CVE-2026-53857 - OpenClaw < 2026.5.3 - Mutable Display Name Binding in Zalo allowFrom Policy

CVE-2026-53855 - OpenClaw < 2026.4.2 - Shell Positional Parameters Bypass in Inline-Eval Checks

CVE-2026-53853 - OpenClaw < 2026.5.12 - Argument Pattern Bypass in Exec Allowlist via Linux and macOS

CVE-2026-53849 - OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Discord Display Names in allowFrom

CVE-2026-53843 - OpenClaw < 2026.5.26 - Node Token Revocation Bypass via Pairing-Scoped Device Session