Cyber Resilience

CVE-2026-22178

MediumPublic PoC

Published: 18 March 2026

Published
18 March 2026
Modified
19 March 2026
KEV Added
Patch
CVSS Score v4 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0031 22.7th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-22178 is a medium-severity Inefficient Regular Expression Complexity (CWE-1333) vulnerability in Openclaw Openclaw. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 22.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-22178 is a regex injection and denial-of-service vulnerability in OpenClaw versions prior to 2026.2.19. It occurs in the stripBotMention function, where RegExp objects are constructed directly from unescaped Feishu mention metadata. This flaw, classified under CWE-1333 (Inefficient Regular Expression Complexity), enables attackers to inject malicious patterns, with a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).

Remote attackers require no privileges or user interaction to exploit the vulnerability by crafting mention metadata containing nested-quantifier patterns or metacharacters. Successful exploitation triggers catastrophic backtracking in the regex engine, causing denial of service through blocked message processing. Additionally, attackers can remove unintended content before it reaches model processing, resulting in low integrity and availability impacts.

Mitigation is addressed in OpenClaw version 2026.2.19 and later via patches in GitHub commits 74268489137510b6f6349919d1e197b17290d92c and 7e67ab75cc2f0e93569d12fecd1411c2961fcc8c. Further details on the fix and impacts are provided in the GitHub security advisory GHSA-c6hr-w26q-c636 and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-redos-and-regex-injection-via-unescaped-feishu-mention-metadata.

EU & UK References

Vulnerability details

OpenClaw versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastrophic backtracking, block…

more

message processing, or remove unintended content before model processing.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Directly enables application-layer DoS via regex injection and catastrophic backtracking (CWE-1333) in message processing; secondary low-integrity content manipulation also possible.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-41400Same product: Openclaw Openclaw
CVE-2026-35627Same product: Openclaw Openclaw
CVE-2026-29612Same product: Openclaw Openclaw
CVE-2026-28461Same product: Openclaw Openclaw
CVE-2026-32049Same product: Openclaw Openclaw
CVE-2026-41405Same product: Openclaw Openclaw
CVE-2026-35640Same product: Openclaw Openclaw
CVE-2026-32011Same product: Openclaw Openclaw
CVE-2026-27646Same product: Openclaw Openclaw
CVE-2026-32924Same product: Openclaw Openclaw

Affected Assets

openclaw
openclaw
≤ 2026.2.19

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation directly addresses the vulnerability by applying the vendor patch in OpenClaw 2026.2.19 that fixes regex construction from unescaped metadata.

prevent

Information input validation ensures Feishu mention metadata is sanitized or validated before use in RegExp construction, preventing regex injection.

preventdetect

Denial-of-service protection limits effects of catastrophic backtracking by enforcing resource limits and detecting excessive processing in the regex engine.

References