Vulnerability Details CVE-2026-53829
OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 12.5%
CVSS Severity
CVSS v3 Score 8.0