CVE-2026-31995

Published: Mar 19, 2026Modified: Mar 19, 2026

5.8

Vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: disclosure@vulncheck.com (Secondary)

Description

OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension's Windows shell fallback mechanism that allows attackers to inject arbitrary commands through tool-provided arguments. When spawn failures trigger shell fallback with shell: true, attackers can exploit cmd.exe command interpretation to execute malicious commands by controlling workflow arguments.

Affected (1)

Products: Openclaw: Openclaw

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Openclaw Openclaw	From 2026.1.21 to 2026.2.19

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (3)

https://github.com/openclaw/openclaw/commit/ba7be018da354ea9f803ed356d20464df0437916

Source: disclosure@vulncheck.com

Patch

https://github.com/openclaw/openclaw/security/advisories/GHSA-fg3m-vhrr-8gj6

Source: disclosure@vulncheck.com

Vendor Advisory

https://www.vulncheck.com/advisories/openclaw-command-injection-via-windows-shell-fallback-in-lobster-extension

Source: disclosure@vulncheck.com

Third Party Advisory

Timeline

No history available yet.