CVE-2026-53829 | THREATINT

Description

OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval.

PUBLISHED Reserved 2026-06-10 | Published 2026-06-12 | Updated 2026-06-15 | Assigner VulnCheck

HIGH: 8.5CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 8.0CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

User Interface (UI) Misrepresentation of Critical Information

Product status

Default status

unaffected

Any version before 2026.5.18

affected

2026.5.18 (semver)

unaffected

Credits

cantinagen reporter

Ellahi (@Ellahinator) finder

References

github.com/...enclaw/security/advisories/GHSA-xww8-gqvh-92x9 (GitHub Security Advisory (GHSA-xww8-gqvh-92x9)) vendor-advisory

www.vulncheck.com/...and-truncation-in-exec-approval-display (VulnCheck Advisory: OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display) third-party-advisory

cve.org (CVE-2026-53829)

nvd.nist.gov (CVE-2026-53829)

Download JSON