CVE-2026-29610

High · Public PoC

Published: 05 March 2026
Modified: 11 March 2026
CVSS Score v4: 7.7 (CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0046 (36.7th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-29610 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in OpenClaw. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Path Interception by PATH Environment Variable (T1574.007). The CVE ranks at the 36.7th percentile by exploit likelihood (EPSS), which is below the median. It is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-10 (Software Usage Restrictions) and CM-11 (User-installed Software).

Deeper analysis

CVE-2026-29610 is a command hijacking vulnerability (CWE-427) affecting OpenClaw versions prior to 2026.2.14. The flaw enables attackers to execute unintended binaries by manipulating PATH environment variables during node-host execution or project-local bootstrapping processes.

Attackers with authenticated access to node-host execution surfaces, or those running OpenClaw in attacker-controlled directories, can exploit this by placing malicious executables in the PATH to override allowlisted safe-bin commands, resulting in arbitrary command execution. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high impact with network accessibility, low attack complexity, and low privileges required.

Advisories recommend upgrading to OpenClaw 2026.2.14 or later to mitigate the issue, with the fixing commit available at https://github.com/openclaw/openclaw/commit/013e8f6b3be3333a229a066eef26a45fec47ffcc. Further details on the vulnerability and remediation are provided in the GitHub Security Advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-jqpq-mgvm-f9r6 and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-command-hijacking-via-unsafe-path-handling.
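The check below is an added Python example, not OpenClaw's code and not taken from the fixing commit. It compares what a PATH search would run for each allowlisted command name against a lookup pinned to trusted absolute directories, and reports every name that PATH would redirect. The function names, the `safe-tool` command and the directory layout are constructed for illustration.

```python
import os
import tempfile

def path_lookup(name, path_value, cwd):
    """Resolve name the way a PATH search does; empty or relative entries mean cwd."""
    for entry in path_value.split(os.pathsep):
        directory = entry if os.path.isabs(entry) else os.path.join(cwd, entry)
        candidate = os.path.join(directory, name)
        if os.path.isfile(candidate) and os.access(candidate, os.X_OK):
            return os.path.realpath(candidate)
    return None

def pinned_lookup(name, trusted_dirs):
    """Resolve name only inside fixed, absolute directories the operator trusts."""
    return path_lookup(name, os.pathsep.join(trusted_dirs), os.sep)

def audit_safe_bins(safe_bins, path_value, cwd, trusted_dirs):
    """Return (name, path_hit, pinned_hit) for every allowlisted name PATH would redirect."""
    findings = []
    for name in safe_bins:
        if os.path.basename(name) != name:
            raise ValueError(f"allowlist entries must be bare names: {name!r}")
        via_path = path_lookup(name, path_value, cwd)
        pinned = pinned_lookup(name, trusted_dirs)
        if via_path != pinned:
            findings.append((name, via_path, pinned))
    return findings

def demo():
    """Constructed layout: a trusted bin dir and a project dir shadowing 'safe-tool'."""
    with tempfile.TemporaryDirectory() as root:
        trusted = os.path.join(root, "trusted_bin")
        project = os.path.join(root, "project")
        for directory in (trusted, os.path.join(project, "bin")):
            os.makedirs(directory)
            tool = os.path.join(directory, "safe-tool")
            with open(tool, "w") as handle:
                handle.write("#!/bin/sh\n")
            os.chmod(tool, 0o755)
        prepended = os.path.join(project, "bin") + os.pathsep + trusted
        relative = "bin" + os.pathsep + trusted  # relative entry, resolved against cwd
        return {
            "prepended": audit_safe_bins(["safe-tool"], prepended, root, [trusted]),
            "relative": audit_safe_bins(["safe-tool"], relative, project, [trusted]),
            "clean": audit_safe_bins(["safe-tool"], trusted, project, [trusted]),
        }

if __name__ == "__main__":
    for case, findings in demo().items():
        print(case, findings)
```

A non-empty result means the allowlist is being enforced on the command name while the binary that actually runs is chosen by PATH; executing the pinned absolute path removes that gap.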

Vulnerability details

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers with authenticated access to node-host execution surfaces or those running OpenClaw in attacker-controlled directories can place malicious executables in PATH to override allowlisted safe-bin commands and achieve arbitrary command execution.

CWE(s)

CWE-427 (Uncontrolled Search Path Element)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1574.007 Path Interception by PATH Environment Variable · Stealth
Adversaries may execute their own malicious payloads by hijacking environment variables used to load libraries.

Why these techniques?

Direct match to PATH environment variable manipulation for hijacking allowlisted binaries (CWE-427), enabling arbitrary command execution via T1574.007 Path Interception by PATH Environment Variable.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-28456 · Same product: Openclaw Openclaw
CVE-2026-45004 · Same product: Openclaw Openclaw
CVE-2026-32015 · Same product: Openclaw Openclaw
CVE-2026-43531 · Same product: Openclaw Openclaw
CVE-2026-32924 · Same product: Openclaw Openclaw
CVE-2026-27523 · Same product: Openclaw Openclaw
CVE-2026-28463 · Same product: Openclaw Openclaw
CVE-2026-43573 · Same product: Openclaw Openclaw
CVE-2026-32914 · Same product: Openclaw Openclaw
CVE-2026-28470 · Same product: Openclaw Openclaw

Affected Assets

openclaw
openclaw
≤ 2026.2.14

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates CVE-2026-29610 by requiring timely remediation of the specific flaw through patching to OpenClaw 2026.2.14 or later.

prevent

Enforces deny-all, permit-by-exception policy for software execution, preventing malicious binaries from overriding allowlisted safe-bin commands via PATH manipulation.

prevent

Restricts user installation of unauthorized software, preventing attackers from placing malicious executables in PATH during node-host execution or project-local bootstrapping.
