CVE-2026-29608 | OpenClaw up to 2026.3.1 system.run node-host Execution argument injection (GHSA-h3rm-6x7g-882f)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability classified as critical has been found in OpenClaw up to 2026.3.1. The affected element is an unknown function of the component system.run node-host Execution. The manipulation leads to argument injection.

This vulnerability is referenced as CVE-2026-29608. The attack can only be performed from a local environment. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-29608 | OpenClaw up to 2026.3.1 system.run node-host Execution argument injection (GHSA-h3rm-6x7g-882f)

Post correlati

CVE-2024-47730 | Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1 hisilicon injection

CVE-2026-2492 | Google TensorFlow HDF5 Library uncontrolled search path

CVE-2024-13210 | donglight bookstore电商书城系统说明 1.0 AdminBookController. java uploadPicture pictureFile unrestricted upload

CVE-2025-7944 | PHPGurukul Taxi Stand Management System 1.0 /search.php searchdata cross site scripting