Home / Vulnerability Intelligence / CVE-2026-28391

CVE-2026-28391 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 6, 2026

OpenClaw - Command Injection

Published: March 5, 2026Updated: March 6, 2026Remote Exploitable

Overview

OpenClaw < 2026.2.2 contains a command injection caused by improper validation of Windows cmd.exe metacharacters in allowlist-gated exec requests, letting remote attackers bypass command approval and execute unapproved commands.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 4.9%(Probability of exploitation in next 30 days)

Impact

Remote attackers can execute arbitrary unapproved commands, potentially leading to full system compromise.

Mitigation

Upgrade to version 2026.2.2 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 6, 2026

🔴 CVE-2026-28391 - Critical (9.8) OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests, allowing attackers to bypass command approval restrictions. Remote attackers can craft command strings with shell metach... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28391/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-28391
Severity: Critical
CVSS Score: 9.8
Type: command_injection
Status: new
EPSS: 4.9%
Social Posts: 1

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.9%Probability of exploitation in the next 30 days