CVE-2026-53810
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk18th percentile - higher than 18% of all known CVEs
Summary
OpenClaw before version 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points, bypassing security scanning.
Risk Assessment
This vulnerability poses a risk to organizations by allowing attackers to execute unauthorized code, potentially leading to serious security breaches. Manipulation of metadata could result in the introduction of malicious software into the production environment.
Recommendation
It is recommended to update OpenClaw to version 2026.5.18 or later to mitigate this vulnerability. Additionally, conduct an audit of trusted operator access and monitor any changes to extension metadata.
Original NVD description (English source)
OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points, bypassing security scanning.

