CVE-2026-31994
Published: 19 March 2026
Summary
CVE-2026-31994 is a high-severity OS Command Injection (CWE-78) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Scheduled Task (T1053.005); ranked at the 19.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the CVE by requiring timely flaw remediation through upgrading OpenClaw to version 2026.2.19 or later, fixing the unsafe handling of cmd metacharacters in gateway.cmd generation.
Prevents command injection by enforcing validation of service script generation arguments to reject metacharacters, CR/LF sequences, and expansion-sensitive characters before use in scheduled task scripts.
Mitigates impact of injected commands by applying least privilege to users and processes controlling script generation arguments and executing scheduled tasks.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local command injection in scheduled task script generation (cmd metacharacters) directly enables malicious scheduled task execution (T1053.005) with Windows command shell (T1059.003) and facilitates local privilege escalation (T1068) due to PR:L to I:H impact.
NVD Description
OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files. Local attackers with control over service script generation arguments can…
more
inject arbitrary commands by providing metacharacter-only values or CR/LF sequences that execute unintended code in the scheduled task context.
Deeper analysisAI
CVE-2026-31994, published on 2026-03-19, is a local command injection vulnerability (CWE-78) in OpenClaw versions prior to 2026.2.19. The flaw occurs during Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files, enabling injection of arbitrary commands.
Local attackers with low privileges (PR:L) and access to the system (AV:L) who can control service script generation arguments are able to exploit the vulnerability. By supplying metacharacter-only values or CR/LF sequences, they can execute unintended code within the scheduled task context, resulting in high integrity (I:H) and availability (A:H) impacts but no confidentiality loss (CVSS 7.1, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).
Advisories recommend upgrading to OpenClaw 2026.2.19 or later, where the issue is fixed via commit 280c6b117b2f0e24f398e5219048cd4cc3b82396. Further details on the vulnerability and mitigation are available in the GitHub security advisory at GHSA-mqr9-vqhq-3jxw and the VulnCheck advisory.
Details
- CWE(s)