<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 19 Jun 2026 12:10:49 +0000</lastBuildDate>
    <item>
      <title>4e27abfe-9fc3-4318-bcb0-2de3832ab329</title>
      <link>https://vulnerability.circl.lu/sighting/4e27abfe-9fc3-4318-bcb0-2de3832ab329/export</link>
      <description>{"uuid": "4e27abfe-9fc3-4318-bcb0-2de3832ab329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53865", "type": "seen", "source": "https://gist.github.com/alon710/4af676c2ea4b45d148a75b1db05205fb", "content": "# CVE-2026-53865: CVE-2026-53865: Arbitrary Local Command Execution in OpenClaw via Untrusted Search Path\n\n&amp;gt; **CVSS Score:** 7.2\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53865\n\n## Summary\nA critical untrusted search path vulnerability (CWE-426) exists in OpenClaw, an open-source, multi-platform personal AI assistant. In versions prior to 2026.5.2 (and up to 2026.5.26 in specific deployment configurations), the application merges workspace-derived configuration parameters into the operating system environment object. When executing administrative maintenance routines, OpenClaw invokes external system commands, such as the 'trash' utility, without verifying the underlying executable path. 
This allows a low-privileged local user or workspace collaborator to hijack binary execution flows, resulting in arbitrary command execution within the privilege context of the OpenClaw service wrapper.\n\n## TL;DR\nOpenClaw vulnerabilities in dynamic environment configurations allow lower-privileged users to hijack system commands during automated maintenance cycles, leading to local privilege escalation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-426\n- **Attack Vector**: Local\n- **CVSS v4.0**: 7.2\n- **EPSS Score**: 0.00118 (Percentile: 2.01%)\n- **Impact**: Arbitrary Command Execution / Privilege Escalation\n- **Exploit Status**: Proof of Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw Gateway deployments on Linux, macOS, and Windows\n- OpenClaw packages hosted via NPM registry\n- Self-hosted instances running with workspace integrations enabled\n- **openclaw**: &amp;lt; 2026.5.2 (Fixed in: `2026.5.2`)\n- **openclaw**: &amp;lt; 2026.5.26 (Fixed in: `2026.5.26`)\n\n## Mitigation\n\n- Sanitize environment parameters passed to Node.js subprocess APIs\n- Force the use of absolute executable paths when launching standard tools\n- Disable shell execution parameters inside spawn declarations where user inputs exist\n- Restrict workspace directory modification permissions to administrative accounts\n\n**Remediation Steps:**\n1. Identify active installations and upgrade OpenClaw to stable version 2026.5.2 or 2026.5.26.\n2. Verify that configuration settings do not allow unauthenticated users to supply environmental modifiers.\n3. Isolate critical system-level tasks in dedicated sandboxed processes using systemd or Docker container environments.\n4. 
Audit active workspace configuration objects for anomalies in PATH settings.\n\n## References\n\n- [GitHub Security Advisory GHSA-rx78-29qr-5hq8](https://github.com/openclaw/openclaw/security/advisories/GHSA-rx78-29qr-5hq8)\n- [VulnCheck Technical Security Advisory](https://www.vulncheck.com/advisories/openclaw-arbitrary-command-execution-via-workspace-derived-service-path)\n- [NVD Vulnerability Database Page](https://nvd.nist.gov/vuln/detail/CVE-2026-53865)\n- [Google Open Source Vulnerabilities (OSV)](https://osv.dev/vulnerability/GHSA-rx78-29qr-5hq8)\n- [CVE.org Authoritative Vulnerability Page](https://www.cve.org/CVERecord?id=CVE-2026-53865)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53865) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T05:11:14.000000Z"}</description>
      <content:encoded>{"uuid": "4e27abfe-9fc3-4318-bcb0-2de3832ab329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53865", "type": "seen", "source": "https://gist.github.com/alon710/4af676c2ea4b45d148a75b1db05205fb", "content": "# CVE-2026-53865: CVE-2026-53865: Arbitrary Local Command Execution in OpenClaw via Untrusted Search Path\n\n&amp;gt; **CVSS Score:** 7.2\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53865\n\n## Summary\nA critical untrusted search path vulnerability (CWE-426) exists in OpenClaw, an open-source, multi-platform personal AI assistant. In versions prior to 2026.5.2 (and up to 2026.5.26 in specific deployment configurations), the application merges workspace-derived configuration parameters into the operating system environment object. When executing administrative maintenance routines, OpenClaw invokes external system commands, such as the 'trash' utility, without verifying the underlying executable path. 
This allows a low-privileged local user or workspace collaborator to hijack binary execution flows, resulting in arbitrary command execution within the privilege context of the OpenClaw service wrapper.\n\n## TL;DR\nOpenClaw vulnerabilities in dynamic environment configurations allow lower-privileged users to hijack system commands during automated maintenance cycles, leading to local privilege escalation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-426\n- **Attack Vector**: Local\n- **CVSS v4.0**: 7.2\n- **EPSS Score**: 0.00118 (Percentile: 2.01%)\n- **Impact**: Arbitrary Command Execution / Privilege Escalation\n- **Exploit Status**: Proof of Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- OpenClaw Gateway deployments on Linux, macOS, and Windows\n- OpenClaw packages hosted via NPM registry\n- Self-hosted instances running with workspace integrations enabled\n- **openclaw**: &amp;lt; 2026.5.2 (Fixed in: `2026.5.2`)\n- **openclaw**: &amp;lt; 2026.5.26 (Fixed in: `2026.5.26`)\n\n## Mitigation\n\n- Sanitize environment parameters passed to Node.js subprocess APIs\n- Force the use of absolute executable paths when launching standard tools\n- Disable shell execution parameters inside spawn declarations where user inputs exist\n- Restrict workspace directory modification permissions to administrative accounts\n\n**Remediation Steps:**\n1. Identify active installations and upgrade OpenClaw to stable version 2026.5.2 or 2026.5.26.\n2. Verify that configuration settings do not allow unauthenticated users to supply environmental modifiers.\n3. Isolate critical system-level tasks in dedicated sandboxed processes using systemd or Docker container environments.\n4. 
Audit active workspace configuration objects for anomalies in PATH settings.\n\n## References\n\n- [GitHub Security Advisory GHSA-rx78-29qr-5hq8](https://github.com/openclaw/openclaw/security/advisories/GHSA-rx78-29qr-5hq8)\n- [VulnCheck Technical Security Advisory](https://www.vulncheck.com/advisories/openclaw-arbitrary-command-execution-via-workspace-derived-service-path)\n- [NVD Vulnerability Database Page](https://nvd.nist.gov/vuln/detail/CVE-2026-53865)\n- [Google Open Source Vulnerabilities (OSV)](https://osv.dev/vulnerability/GHSA-rx78-29qr-5hq8)\n- [CVE.org Authoritative Vulnerability Page](https://www.cve.org/CVERecord?id=CVE-2026-53865)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53865) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T05:11:14.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4e27abfe-9fc3-4318-bcb0-2de3832ab329/export</guid>
      <pubDate>Fri, 19 Jun 2026 05:11:14 +0000</pubDate>
    </item>
  </channel>
</rss>
