CVE-2026-31994 | OpenClaw up to 2026.2.18 Windows Scheduled Task Script Generation os command injection (GHSA-mqr9-vqhq-3jxw)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability has been found in OpenClaw up to 2026.2.18 and classified as critical. Affected is an unknown function of the component Windows Scheduled Task Script Generation. Performing a manipulation results in os command injection.

This vulnerability is cataloged as CVE-2026-31994. The attack must be initiated from a local position. There is no exploit available.

The affected component should be upgraded.

CVE-2026-31994 | OpenClaw up to 2026.2.18 Windows Scheduled Task Script Generation os command injection (GHSA-mqr9-vqhq-3jxw)

Post correlati

CVE-2025-15215 | Tenda AC10U 15.03.06.48/15.03.06.49 HTTP POST Request /goform/setPptpUserList formSetPPTPUserList list buffer overflow

CVE-2024-31343 | Sonaar Music MP3 Audio Player for Music, Radio & Podcast Plugin authorization

CVE-2024-12302 | Icegram Engage Plugin up to 3.1.31 on WordPress Campaign Setting cross site scripting

CVE-2025-0648 | M-Files Server up to 24.11 Database Driver uncaught exception