CVE-2026-45004
Received Received - Intake
Arbitrary Code Execution in OpenClaw via Malicious Plugin Setup

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: VulnCheck

Description
OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd() during provider setup metadata resolution. Attackers can execute arbitrary JavaScript under the current user account by placing a malicious extensions/<plugin>/setup-api.js file in a repository and convincing a user to run OpenClaw commands from that directory.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-21
AI Q&A
2026-05-11
EPSS Evaluated
2026-06-19
NVD
CVE-2026-45004
EUVD
EUVD-2026-29149
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.4.23 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-427 The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

OpenClaw versions before 2026.4.23 contain a vulnerability that allows arbitrary code execution. This happens because the plugin setup resolver loads a JavaScript file named setup-api.js from the current working directory (process.cwd()) during provider setup metadata resolution.

An attacker can exploit this by placing a malicious setup-api.js file inside the extensions/<plugin>/ directory of a repository and convincing a user to run OpenClaw commands from that directory. When the user does this, OpenClaw loads and executes the malicious JavaScript code under the current user's account.

This vulnerability requires local access and user interaction to be exploited. It has been fixed in OpenClaw version 2026.4.23 by removing process.cwd() from the trusted search paths for setup-api.js.

Impact Analysis

If exploited, this vulnerability allows an attacker to execute arbitrary JavaScript code with the same privileges as the user running OpenClaw. This can lead to unauthorized actions such as data theft, modification, or destruction, installation of malware, or further compromise of the system.

Because the code runs under the current user account, the attacker gains the same level of access as that user, which can be significant depending on the user's permissions.

However, exploitation requires the attacker to have placed a malicious file in a directory where the user runs OpenClaw commands and requires the user to run those commands from that directory, meaning social engineering or local access is necessary.

Detection Guidance

This vulnerability can be detected by checking if there are any malicious setup-api.js files placed in the extensions/<plugin>/ directory within repositories from which OpenClaw commands are run.

You can inspect your current working directories and repositories for unexpected or suspicious setup-api.js files in the extensions folders.

  • Use commands like `find . -path '*/extensions/*/setup-api.js'` to locate any setup-api.js files in extensions directories.
  • Review the contents of any found setup-api.js files to verify if they are legitimate or potentially malicious.
  • Monitor user activity to detect if OpenClaw commands are being run from directories containing such files.
Mitigation Strategies

The immediate and most effective mitigation step is to update OpenClaw to version 2026.4.23 or later, where this vulnerability has been patched.

Avoid running OpenClaw commands from untrusted or unknown directories, especially those that may contain extensions/<plugin>/setup-api.js files.

Audit and remove any suspicious setup-api.js files from your repositories or working directories.

Educate users to be cautious about the directories from which they execute OpenClaw commands to prevent exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45004. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart