CVE-2026-53829
Received Received - Intake
Approval Display Truncation in OpenClaw

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: VulnCheck

Description
OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-12
Last Modified
2026-06-12
Generated
2026-06-13
AI Q&A
2026-06-13
EPSS Evaluated
N/A
NVD
CVE-2026-53829
EUVD
EUVD-2026-36617
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.5.18 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-451 The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in OpenClaw versions before 2026.5.18 and involves an approval display truncation issue.

Authenticated users can exploit this by submitting oversized exec commands that have benign prefixes and malicious suffixes.

Because the approval display truncates the command, approvers only see the benign part and may unknowingly approve commands that contain hidden malicious operations.

Impact Analysis

The vulnerability can lead to unauthorized operations being executed after approval because malicious command suffixes are hidden from approvers.

This can result in a high impact on confidentiality, integrity, and availability of the affected system, as indicated by the high CVSS scores.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53829. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart