


Perceptive Security
SOC/SIEM Consultancy

OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths be…
Published:
4 March 2026 at 23:00:00
Alert date:
5 March 2026 at 23:13:13
Source:
nvd.nist.gov
Web Technologies, Supply Chain & Dependencies
OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a critical vulnerability in the Gateway component that allows arbitrary code execution. The vulnerability stems from insufficient validation of hook module paths before they are passed to the dynamic import() function. Attackers with gateway configuration modification access can exploit this to load and execute unintended local modules within the Node.js process. This represents a significant security risk for applications using affected OpenClaw versions. Multiple patches and security advisories have been released to address this issue.
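The class of check whose absence is described above, as an added example (not OpenClaw's code or its patch): a configured hook path is canonicalised and confined to one hooks directory before it can reach import(). The function names, the hooks directory layout and the sample files are assumptions constructed for illustration.

```javascript
// Added example: names and directory layout are assumptions, not OpenClaw code.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");
const { pathToFileURL } = require("node:url");

// Returns the canonical path of a hook module, or throws if the configured
// value would leave hooksRoot (absolute path, "..", or symlink escape).
function resolveHookModule(hooksRoot, configured) {
  if (typeof configured !== "string" || configured.includes("\0")) {
    throw new Error("hook path must be a plain string");
  }
  if (path.isAbsolute(configured)) {
    throw new Error("hook path must be relative to the hooks directory");
  }
  const root = fs.realpathSync(hooksRoot);
  // realpathSync resolves ".." and symlinks, and throws if the file is missing.
  const real = fs.realpathSync(path.resolve(root, configured));
  const rel = path.relative(root, real);
  if (rel === "" || rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error(`hook path escapes hooks directory: ${configured}`);
  }
  if (!fs.statSync(real).isFile()) throw new Error("hook path is not a file");
  return real;
}

// Only a path that passed the check is handed to import().
async function loadHook(hooksRoot, configured) {
  return import(pathToFileURL(resolveHookModule(hooksRoot, configured)).href);
}

// Constructed sample tree: one legitimate hook, one module outside the root,
// and a symlink inside the root that points outside it.
function checkSamples() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "hooks-demo-"));
  const root = path.join(base, "hooks");
  fs.mkdirSync(root);
  fs.writeFileSync(path.join(root, "on-message.js"), "module.exports = {};\n");
  fs.writeFileSync(path.join(base, "outside.js"), "module.exports = {};\n");
  fs.symlinkSync(path.join(base, "outside.js"), path.join(root, "link.js"));
  const verdict = (p) => {
    try { resolveHookModule(root, p); return "allowed"; } catch { return "rejected"; }
  };
  const samples = ["on-message.js", "../outside.js", path.join(base, "outside.js"), "link.js"];
  const out = samples.map(verdict);
  fs.rmSync(base, { recursive: true, force: true });
  return out;
}
```

The comparison is made on the real path rather than the configured string, so a symlink placed inside the hooks directory is treated the same as a ".." traversal.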
Technical details
Affected products:
OpenClaw
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-28456
https://github.com/openclaw/openclaw/commit/35c0e66ed057f1a9f7ad2515fdcef516bd6584ce
https://github.com/openclaw/openclaw/commit/a0361b8ba959e8506dc79d638b6e6a00d12887e4
https://github.com/openclaw/openclaw/security/advisories/GHSA-v6c6-vqqg-w888
https://www.vulncheck.com/advisories/openclaw-arbitrary-code-execution-via-unsafe-hook-module-path-handling
This article was created with the assistance of AI technology by Perceptive.
