Cyber Resilience

CVE-2026-45006

HighPublic PoC

Published: 11 May 2026

Published
11 May 2026
Modified
13 May 2026
KEV Added
Patch
CVSS Score v4 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0049 38.5th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-45006 is a high-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked at the 38.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist malicious config modifications affecting command…

more

execution, network behavior, credentials, and operator policies that survive restart.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
T1547 Boot or Logon Autostart Execution Persistence
Adversaries may configure system settings to automatically execute a program during system boot or logon to maintain persistence or gain higher-level privileges on compromised systems.
Why these techniques?

Vuln enables persistent unsafe config changes directly impacting command execution and startup behavior via bypassed denylist.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-34426Same product: Openclaw Openclaw
CVE-2026-43584Same product: Openclaw Openclaw
CVE-2026-43566Same product: Openclaw Openclaw
CVE-2026-43578Same product: Openclaw Openclaw
CVE-2026-44114Same product: Openclaw Openclaw
CVE-2026-32017Same product: Openclaw Openclaw
CVE-2026-41392Same product: Openclaw Openclaw
CVE-2026-43532Same product: Openclaw Openclaw
CVE-2026-28363Same product: Openclaw Openclaw
CVE-2026-31992Same product: Openclaw Openclaw

Affected Assets

openclaw
openclaw
≤ 2026.4.23

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-184

Spam filters rely on evolving blacklists, signatures, and heuristics of disallowed message patterns; keeping them updated per the control directly mitigates incomplete disallowed-input lists.

References