CVE-2026-53819
Received - Intake
Arbitrary Code Execution in OpenClaw via Homebrew Override

Publication date: 2026-06-11

Last updated on: 2026-06-11

Assigner: VulnCheck

Description
OpenClaw before 2026.5.27 contains an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew executable selection. Attackers with access to trusted operator workspaces can execute unintended Homebrew-compatible executables during skill setup to compromise the system.
Meta Information
Published: 2026-06-11
Last Modified: 2026-06-11
Generated: 2026-06-12
AI Q&A: 2026-06-12
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
openclaw | openclaw | to 2026.5.27 (exc)
CWE ID | Description
CWE-426 | The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
Executive Summary

This vulnerability exists in OpenClaw versions before 2026.5.27 and involves arbitrary code execution during skill installation processes. Specifically, workspace .env files can override the selection of the Homebrew executable. If an attacker has access to trusted operator workspaces, they can cause unintended Homebrew-compatible executables to run during skill setup, potentially compromising the system.

Impact Analysis

The vulnerability allows attackers with access to trusted operator workspaces to execute arbitrary code on the affected system. This can lead to system compromise, unauthorized actions, and potentially full control over the system where OpenClaw is running.
