Cyber Posture

CVE-2026-44115

HighPublic PoC

Published: 06 May 2026

Published
06 May 2026
Modified
07 May 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0008 23.0th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-44115 is a high-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in Openclaw Openclaw. Its CVSS base score is 8.8 (High).

Operationally, ranked at the 23.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SI-8 Spam Protection
addresses: CWE-184

Spam filters rely on evolving blacklists, signatures, and heuristics of disallowed message patterns; keeping them updated per the control directly mitigates incomplete disallowed-input lists.

NVD Description

OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s)
CWE-184

Affected Products

openclaw
openclaw
≤ 2026.4.22

CVEs Like This One

CVE-2026-41392Same product: Openclaw Openclaw
CVE-2026-34426Same product: Openclaw Openclaw
CVE-2026-32017Same product: Openclaw Openclaw
CVE-2026-31992Same product: Openclaw Openclaw
CVE-2026-43584Same product: Openclaw Openclaw
CVE-2026-22175Same product: Openclaw Openclaw
CVE-2026-43578Same product: Openclaw Openclaw
CVE-2026-43532Same product: Openclaw Openclaw
CVE-2026-43566Same product: Openclaw Openclaw
CVE-2026-44114Same product: Openclaw Openclaw

References