Cyber Resilience

CVE-2026-53829

Severity: High · Public PoC referenced

Published: 12 June 2026
Modified: 17 June 2026
KEV Added: not listed (not in the CISA KEV catalog as of the modified date)
Patch: versions from 2026.5.18 onward, per the version range in the vulnerability details below
CVSS v4.0 base score: 8.5 (High)
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (threat, environmental and supplemental metrics not defined)
EPSS score: 0.0023 (14.0th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-53829 is a high-severity User Interface (UI) Misrepresentation of Critical Information (CWE-451) vulnerability in OpenClaw (vendor OpenClaw, product OpenClaw). Its CVSS v4.0 base score is 8.5 (High). The vector's PR:L and UI:A components reflect the exploitation path: the attacker needs an authenticated account, and a human approver must act on a prompt that does not show the whole command.

Operationally, exploitation maps to the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). EPSS ranks it at the 14.0th percentile of exploit likelihood (below the median). It is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced. The low EPSS figure should not be read as low exposure for deployments where the exec-approval workflow is the only control between a user and command execution.

Vulnerability details

OpenClaw before 2026.5.18 contains an approval-display truncation vulnerability: the approval prompt shows only a prefix of an oversized exec command, so an authenticated user can hide the command's suffix from approvers. An attacker submits an oversized exec command whose visible prefix is benign and whose hidden suffix is malicious; once the approver accepts what they were shown, the full command, suffix included, is executed. The practical check for any such workflow is twofold: the approval surface must render the entire command (or refuse to request approval for what it cannot render), and the executed command must be bound to exactly the bytes the approver saw.
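The mechanism described above, as an added illustration written for this page: it is not OpenClaw's code, and OpenClaw's real approval UI and exec path are not shown here. It places a preview that silently truncates beside a hardened request that refuses oversized commands, renders padding explicitly, and binds the approver's decision to a SHA-256 digest of the exact bytes that will run. The command strings, display limits and function names are constructed for the example.

```python
import hashlib
import re
from dataclasses import dataclass

PREVIEW_LIMIT = 80      # characters the (hypothetical) approval dialog shows before cutting off
MAX_REVIEWABLE = 4096   # longest command the hardened path will put in front of an approver


def sha256_hex(text: str) -> str:
    """Digest of the exact command bytes; the approval decision is bound to this."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def build_padded_command(benign: str, hidden: str, limit: int = PREVIEW_LIMIT) -> str:
    """Constructed attacker input: benign prefix, padding past the display limit, hidden suffix."""
    pad = " " * max(1, limit - len(benign) + 1)
    return benign + pad + hidden


def vulnerable_preview(cmd: str, limit: int = PREVIEW_LIMIT) -> str:
    """VULNERABLE pattern: the approver sees a silent prefix while the full string is executed."""
    return cmd[:limit] if len(cmd) > limit else cmd


@dataclass(frozen=True)
class ApprovalRequest:
    shown: str      # exact text put in front of the approver, every byte accounted for
    digest: str     # SHA-256 of the full command
    length: int


_PADDING = re.compile(r"[ \t]{2,}")


def hardened_request(cmd: str, max_reviewable: int = MAX_REVIEWABLE) -> ApprovalRequest:
    """HARDENED pattern: refuse what cannot be shown whole; make padding visible; bind to a digest."""
    if len(cmd) > max_reviewable:
        raise ValueError(f"command is {len(cmd)} chars, above the reviewable limit of {max_reviewable}")
    # Runs of spaces/tabs become an explicit marker, so padding cannot push a suffix out of view.
    shown = _PADDING.sub(lambda m: f"<{len(m.group(0))} whitespace>", cmd)
    # Line breaks are shown inline for the same reason.
    shown = shown.replace("\r\n", "<newline>").replace("\n", "<newline>")
    return ApprovalRequest(shown=shown, digest=sha256_hex(cmd), length=len(cmd))


def execute_if_approved(cmd: str, approved_digest: str) -> tuple[bool, str]:
    """Execution gate: only the exact bytes whose digest was approved may run."""
    if sha256_hex(cmd) != approved_digest:
        return False, "digest of command to run differs from what was approved"
    return True, f"would execute: {cmd}"   # stand-in for the real exec call


if __name__ == "__main__":
    cmd = build_padded_command("ls -la /var/log", "; echo COMPROMISED")
    seen = vulnerable_preview(cmd)
    print("vulnerable preview:", repr(seen))
    print("suffix hidden from approver:", "COMPROMISED" not in seen)
    req = hardened_request(cmd)
    print("hardened view:", req.shown)
    print("gate, same bytes:", execute_if_approved(cmd, req.digest)[0])
    print("gate, tampered:", execute_if_approved(cmd + " && id", req.digest)[0])
```

The two halves of the hardened path address different failures: the visible-padding rendering and the reviewable-length cap defeat the truncation trick itself, while the digest check stops a command from being swapped between approval and execution, which the rendering fix alone would not catch.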

CWE(s)

CWE-451 User Interface (UI) Misrepresentation of Critical Information

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1059 Command and Scripting Interpreter (tactic: Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

Vulnerability bypasses command approval UI to enable execution of hidden malicious commands by authenticated users.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

Vendor: openclaw
Product: openclaw
Versions: before 2026.5.18 (the version range stated in the vulnerability details)

Mitigating Controls

No mitigating controls mapped yet; the per-CVE control annotator has not reached this CVE. From the vulnerability details, the direct remediation is to upgrade OpenClaw to 2026.5.18 or later. Until then, approvers should not approve exec requests whose full text they cannot see, and operators should restrict which authenticated users may submit exec commands for approval.