CVE-2026-31999 | OpenClaw up to 2026.3.0 on Windows Wrapper os command injection (GHSA-6f6j-wx9w-ff4j)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability classified as critical has been found in OpenClaw up to 2026.3.0 on Windows. This vulnerability affects unknown code of the component Wrapper. Performing a manipulation results in os command injection.

This vulnerability is identified as CVE-2026-31999. The attack is only possible with local access. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-31999 | OpenClaw up to 2026.3.0 on Windows Wrapper os command injection (GHSA-6f6j-wx9w-ff4j)

Post correlati

CVE-2024-6457 | HUSKY Plugin up to 1.3.6 on WordPress sql injection

CVE-2024-3571 | langchain-ai langchain up to 0.0.352 LocalFileStore path traversal

CVE-2024-8430 | spicethemes Spice Starter Sites Plugin up to 1.2.5 on WordPress spice_starter_sites_importer_creater authorization

CVE-2024-29988 | Microsoft unknown vulnerability