What is the CVSS score of CVE-2026-26325?

CVE-2026-26325 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of AI / ML are affected by CVE-2026-26325?

CVE-2026-26325 affects OpenClaw AI assistant users prior to version 2026.2.14, allowing attackers to bypass security controls and execute unauthorized commands by exploiting a validation bypass…. A patch is available.

AI / ML CVE-2026-26325

HIGH

Improper Access Control (CWE-284)

2026-02-19 security-advisories@github.com

GHSA-h3f9-mjwj-w476

Authentication Bypass AI / ML Openclaw

7.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:03 vuln.today

Patch released

Feb 23, 2026 - 13:47 nvd

Patch available

CVE Published

Feb 19, 2026 - 23:16 nvd

HIGH 7.2

DescriptionNVD

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command[] in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node host / companion node execution path (system.run on a node), enable allowlist-based exec policy (security=allowlist) with approval prompting driven by allowlist misses (for example ask=on-miss), allow an attacker to invoke system.run. Default/non-node configurations are not affected. Version 2026.2.14 enforces rawCommand/command[] consistency (gateway fail-fast + node host validation).

AnalysisAI

OpenClaw versions before 2026.2.14 allow attackers with execution privileges to bypass command allowlist controls on node host deployments by exploiting a mismatch between validated and executed commands, potentially enabling execution of unapproved system commands. The vulnerability only affects configurations using node host execution paths with allowlist-based security policies and approval prompting. …

RemediationAI

Within 24 hours: Inventory all OpenClaw deployments and identify systems running versions prior to 2026.2.14. Within 7 days: Apply vendor patch to all affected OpenClaw instances and validate successful updates. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-26325 vulnerability details – vuln.today

Back

AI / ML CVE-2026-26325

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code