CVE-2026-53853
Awaiting Analysis Awaiting Analysis - Queue

Argument Pattern Validation Bypass in OpenClaw

Vulnerability report for CVE-2026-53853, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-16

Last updated on: 2026-06-18

Assigner: VulnCheck

Description

OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers to execute disallowed arguments for allowlisted executables on Linux and macOS systems. Attackers can bypass configured argPattern restrictions by directly invoking allowlisted executables with unrestricted arguments, potentially enabling unauthorized file access, network access, or command execution.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-16
Last Modified
2026-06-18
Generated
2026-07-07
AI Q&A
2026-06-16
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.5.12 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability in OpenClaw allows attackers to bypass argument pattern restrictions and execute disallowed arguments for allowlisted executables, potentially enabling unauthorized file access, network access, or command execution.

Such unauthorized access and execution could lead to breaches of confidentiality and integrity, which are critical concerns in compliance with standards like GDPR and HIPAA that mandate protection of sensitive data and secure system operations.

Therefore, if exploited, this vulnerability could result in non-compliance with these regulations due to potential unauthorized data access or system misuse.

Executive Summary

CVE-2026-53853 is a vulnerability in OpenClaw versions before 2026.5.12 affecting Linux and macOS systems. It involves a bypass of the argument pattern validation in the exec allowlist feature. This flaw allows attackers to execute allowlisted executables with disallowed or unrestricted arguments by directly invoking them, bypassing the configured argPattern restrictions.

Essentially, the security mechanism intended to restrict which arguments can be passed to certain executables is bypassed, enabling attackers to run commands or access resources that should have been blocked.

Impact Analysis

This vulnerability can have serious impacts including unauthorized file access, unauthorized network access, and unauthorized command execution on affected systems.

  • Attackers can bypass argument restrictions to run commands that should be blocked.
  • Potential compromise of confidentiality and integrity of data.
  • Possible escalation of privileges or execution of malicious code depending on the allowlist configuration and executable involved.
Mitigation Strategies

To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.5.12 or later, where the argument pattern validation bypass in the exec allowlist has been patched.

Additionally, review your allowlist configurations, especially if you use the tools.exec.security setting set to "allowlist" and have allowlist entries that use argPattern, to ensure that argument restrictions are properly enforced.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53853. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart