CVE-2026-31999
Published: 19 March 2026
Summary
CVE-2026-31999 is a medium-severity OS Command Injection (CWE-78) vulnerability in OpenClaw. Its CVSS base score is 6.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Windows Command Shell (T1059.003). The vulnerability ranks at the 23.3rd percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mitigates CVE-2026-31999 by requiring timely identification, reporting, and patching of the specific flaw in OpenClaw wrapper resolution, i.e. upgrading to version 2026.3.1 or later.
- SI-10 (Information Input Validation): requires validation of inputs such as current working directory paths during wrapper resolution, preventing CWD injection and the resulting loss of command execution integrity.
- System monitoring: enables monitoring of system processes and execution anomalies to detect exploitation attempts in which a manipulated CWD leads to unauthorized command execution.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CWD manipulation during .cmd/.bat wrapper resolution directly enables path/search-order hijacking (T1574.008) that results in attacker-controlled command execution via the Windows Command Shell (T1059.003).
NVD Description
OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution fallback mechanisms to achieve command execution integrity loss by controlling the current working directory during wrapper resolution.
Deeper analysis
CVE-2026-31999 is a current working directory injection vulnerability in OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows. The flaw occurs in the wrapper resolution process for .cmd and .bat files, where attackers can manipulate the current working directory (CWD) to influence execution behavior. Published on 2026-03-19, it is rated 6.3 on CVSS 3.1 (AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H) and maps to CWE-78 (OS Command Injection).
Local attackers with low privileges can exploit this through improper shell execution fallback mechanisms by controlling the CWD during wrapper resolution. This enables command execution integrity loss, potentially allowing arbitrary influence over executed commands without confidentiality impact but with high integrity and availability effects. Despite the description noting remote attackers, the CVSS vector specifies local access (AV:L) with high attack complexity (AC:H).
Advisories recommend upgrading to OpenClaw 2026.3.1 or later to mitigate the vulnerability. Additional details are available in the GitHub security advisory (GHSA-6f6j-wx9w-ff4j) and VulnCheck advisory on the CWD injection via Windows wrapper resolution fallback.
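The following is an added example, not OpenClaw code, and it does not claim to reproduce how OpenClaw resolves wrappers. It is a generic Python illustration of the input validation that the SI-10 control above calls for: a hypothetical weak resolver that searches the current directory first sits next to a hardened resolver that accepts only a bare wrapper name, searches only absolute trusted directories, restricts the working directory to an allowed root, and raises instead of falling back to a shell when no trusted wrapper is found. The directory names, the two constructed tool.cmd files, and every function name are assumptions made for the demo; the block stops at building the argv and does not spawn anything.

```python
import os
import tempfile
from pathlib import Path

# Wrapper extensions that Windows hands to cmd.exe; kept as a fixed allow-list.
WRAPPER_EXTS = (".cmd", ".bat")


def resolve_wrapper_weak(name, search_dirs):
    """Hypothetical weak resolver: the current directory is searched before the
    trusted directories, so whoever controls the CWD decides which wrapper runs."""
    for d in [".", *search_dirs]:
        for ext in WRAPPER_EXTS:
            cand = Path(d) / (name + ext)
            if cand.is_file():
                return str(cand.resolve())
    return None


def resolve_wrapper(name, search_dirs):
    """Hardened resolver: bare name only, absolute trusted dirs only, never the CWD."""
    if not name or name != os.path.basename(name) or name.startswith("."):
        raise ValueError(f"wrapper name must be a bare file name, got {name!r}")
    for d in search_dirs:
        d = Path(d)
        if not d.is_absolute():
            # A relative search dir would be resolved against the CWD; skip it.
            continue
        for ext in WRAPPER_EXTS:
            cand = d / (name + ext)
            if cand.is_file():
                return str(cand.resolve())
    return None


def validate_cwd(requested_cwd, allowed_roots):
    """Accept a working directory only if it resolves to a path under an allowed root."""
    real = Path(requested_cwd).resolve()
    for root in allowed_roots:
        root = Path(root).resolve()
        if real == root or root in real.parents:
            return str(real)
    raise ValueError(f"working directory {requested_cwd!r} is outside the allowed roots")


def build_command(name, args, search_dirs, cwd, allowed_roots):
    """Return (argv, cwd) with an absolute wrapper path; no shell fallback on failure."""
    path = resolve_wrapper(name, search_dirs)
    if path is None:
        raise FileNotFoundError(f"no trusted wrapper found for {name!r}")
    return [path, *args], validate_cwd(cwd, allowed_roots)


def demo():
    """Constructed scenario: a trusted bin dir plus a separate directory that an
    untrusted party controls and that has become the process CWD."""
    with tempfile.TemporaryDirectory() as tmp:
        trusted = Path(tmp) / "trusted_bin"
        untrusted = Path(tmp) / "untrusted_cwd"
        trusted.mkdir()
        untrusted.mkdir()
        (trusted / "tool.cmd").write_text("@echo trusted\r\n")
        (untrusted / "tool.cmd").write_text("@echo not the wrapper you wanted\r\n")
        old_cwd = os.getcwd()
        os.chdir(untrusted)
        try:
            weak = resolve_wrapper_weak("tool", [str(trusted)])
            hardened = resolve_wrapper("tool", [str(trusted)])
            argv, cwd = build_command("tool", ["--version"], [str(trusted)], ".", [tmp])
            try:
                build_command("tool", [], [str(trusted)], ".", allowed_roots=[trusted])
                cwd_rejected = False
            except ValueError:
                cwd_rejected = True
            try:
                resolve_wrapper("../tool", [str(trusted)])
                name_rejected = False
            except ValueError:
                name_rejected = True
            relative_dir_ignored = resolve_wrapper("tool", ["."]) is None
        finally:
            os.chdir(old_cwd)
        return {
            "weak_used_cwd": Path(weak).parent.name == "untrusted_cwd",
            "hardened_used_trusted": Path(hardened).parent.name == "trusted_bin",
            "argv_is_absolute": os.path.isabs(argv[0]) and argv[0] == hardened,
            "cwd_validated": Path(cwd).name == "untrusted_cwd",
            "cwd_outside_root_rejected": cwd_rejected,
            "path_in_name_rejected": name_rejected,
            "relative_search_dir_ignored": relative_dir_ignored,
        }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'ok' if ok else 'FAIL'}")
```

The hardened path is what a spawn should receive: an absolute wrapper location chosen from directories the application owns, a working directory that was checked against a root rather than trusted as given, and an error rather than a shell fallback when resolution fails. Process-creation telemetry that records the resolved image path alongside the CWD is what lets the monitoring control above tell the two cases apart.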
Details
- CWE(s)