Cyber Resilience

CVE-2026-44115

HighPublic PoC

Published: 06 May 2026

Published
06 May 2026
Modified
07 May 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0036 28.2th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-44115 is a high-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in Openclaw Openclaw. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004); ranked at the 28.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Bypass of shell exec allowlist via heredoc expansion directly enables arbitrary Unix shell command execution (T1059.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-43584Same product: Openclaw Openclaw
CVE-2026-41392Same product: Openclaw Openclaw
CVE-2026-31992Same product: Openclaw Openclaw
CVE-2026-22175Same product: Openclaw Openclaw
CVE-2026-43566Same product: Openclaw Openclaw
CVE-2026-43578Same product: Openclaw Openclaw
CVE-2026-34426Same product: Openclaw Openclaw
CVE-2026-45006Same product: Openclaw Openclaw
CVE-2026-44114Same product: Openclaw Openclaw
CVE-2026-32017Same product: Openclaw Openclaw

Affected Assets

openclaw
openclaw
≤ 2026.4.22

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-184

Spam filters rely on evolving blacklists, signatures, and heuristics of disallowed message patterns; keeping them updated per the control directly mitigates incomplete disallowed-input lists.

References