How to fix EUVD-2026-13023?

Within 24 hours: Inventory all OpenClaw deployments and document current versions in use. Within 7 days: Apply vendor patch 2026.2.23 or later to all affected systems, prioritizing production environments. Within 30 days: Conduct post-patch verification testing and review operator access logs for suspicious command execution activity during the vulnerability window.

Is Openclaw affected by EUVD-2026-13023?

OpenClaw versions prior to 2026.2.23 contain a vulnerability allowing authenticated operators to bypass security controls and execute arbitrary commands on systems.

EUVD-2026-13023

| CVE-2026-31992 HIGH

2026-03-19 VulnCheck

GHSA-48wf-g7cp-gr3m

7.1

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 19, 2026 - 01:30 vuln.today

EUVD ID Assigned

Mar 19, 2026 - 01:30 euvd

EUVD-2026-13023

Patch Released

Mar 19, 2026 - 01:30 nvd

Patch available

CVE Published

Mar 19, 2026 - 01:00 nvd

HIGH 7.1

Description

OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowlisted, attackers can use env -S to bypass policy analysis and execute shell wrapper payloads at runtime.

Analysis

OpenClaw contains an allowlist bypass vulnerability in system.run guardrails that enables authenticated operators to execute arbitrary commands by exploiting the env -S flag when /usr/bin/env is allowlisted. The vulnerability affects all OpenClaw versions prior to 2026.2.23, allowing attackers with low-level privileges to bypass policy controls and execute shell wrapper payloads at runtime. …

Remediation

Within 24 hours: Inventory all OpenClaw deployments and document current versions in use. Within 7 days: Apply vendor patch 2026.2.23 or later to all affected systems, prioritizing production environments. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +36

POC: 0

EUVD-2026-13023 vulnerability details – vuln.today

Back

EUVD-2026-13023

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-13023

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code