CVE-2026-53855
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk19th percentile - higher than 19% of all known CVEs
Summary
OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters.
Risk Assessment
Attackers can exploit this vulnerability to execute unapproved shell-provided content, potentially leading to serious security breaches in the system.
Recommendation
It is recommended to update OpenClaw to version 2026.4.2 or later to mitigate this vulnerability and strengthen security controls.
Original NVD description (English source)
OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content.

