CVE-2026-31994 | OpenClaw up to 2026.2.18 Windows Scheduled Task Script Generation os command injection (GHSA-mqr9-vqhq-3jxw)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability has been found in OpenClaw up to 2026.2.18 and classified as critical. Affected is an unknown function of the component Windows Scheduled Task Script Generation. Performing a manipulation results in os command injection.

This vulnerability is cataloged as CVE-2026-31994. The attack must be initiated from a local position. There is no exploit available.

The affected component should be upgraded.

CVE-2026-31994 | OpenClaw up to 2026.2.18 Windows Scheduled Task Script Generation os command injection (GHSA-mqr9-vqhq-3jxw)

Post correlati

CVE-2025-5881 | code-projects Chat System up to 1.0 confirm_password.php cid sql injection

CVE-2025-15060 | claude-hovercraft executeClaudeCode command injection

CVE-2025-4492 | Campcodes Online Food Ordering System 1.0 ticket-message.php ticket_id sql injection

CVE-2025-39887 | Linux Kernel up to 6.16.7/6.17-rc5 bitmap_parselist null pointer dereference