CVE-2026-28484 in OpenClaw

Summary

by MITRE • 03/06/2026

OpenClaw versions prior to 2026.2.15 contain an option injection vulnerability in the git-hooks/pre-commit hook that allows attackers to stage ignored files by creating maliciously-named files beginning with dashes. The hook fails to use a -- separator when piping filenames through xargs to git add, enabling attackers to inject git flags and add sensitive ignored files like .env to git history.


Analysis

by VulDB Data Team • 05/09/2026

This vulnerability exists within the OpenClaw software development ecosystem where version control practices are compromised through a flaw in the pre-commit git hook mechanism. The issue stems from improper handling of filenames during the staging process, specifically when the system processes file lists through xargs to execute git add commands. The root cause lies in the absence of a proper -- separator argument that would prevent command-line argument parsing confusion. When attackers create maliciously-named files beginning with dashes, these filenames are interpreted by git as command-line flags rather than as file paths. This represents a classic command injection vulnerability that aligns with CWE-77 and CWE-78 categories, where user-supplied input is improperly handled in shell command construction. The vulnerability operates at the intersection of software development practices and security controls, specifically targeting the git pre-commit hook mechanism that is designed to enforce code quality and security standards.

The operational impact of this vulnerability extends beyond simple file staging manipulation to potentially compromise sensitive configuration data and environment variables that are typically excluded from version control systems. Attackers can exploit this weakness to inject arbitrary git commands and add files that should remain ignored, including critical files like .env that may contain database credentials, API keys, and other sensitive information. The attack vector demonstrates how seemingly innocuous filename conventions can be weaponized to bypass security controls that rely on proper file exclusion patterns. This vulnerability undermines the integrity of the version control system and creates a persistent risk where attackers can maintain access to sensitive data within the repository history. The flaw operates through the principle of argument confusion where the system fails to distinguish between legitimate filenames and malicious command arguments, enabling privilege escalation through repository manipulation.

The security implications of this vulnerability are particularly concerning in development environments where multiple developers collaborate and where automated security scanning tools rely on clean repository histories. The attack scenario involves an attacker creating a specially named file that when processed by the pre-commit hook results in unintended git commands being executed. This type of vulnerability is classified under the MITRE ATT&CK framework as a form of privilege escalation through modification of development tools and processes. The vulnerability affects the integrity of the software development lifecycle by allowing malicious code injection into the version control system itself. Organizations using OpenClaw versions prior to 2026.2.15 face significant risk of credential exposure and potential supply chain compromise if attackers successfully exploit this flaw to inject malicious code or sensitive data into the repository. The remediation requires implementing proper argument separation in the git hook execution and validating all input before processing.

Mitigation strategies for this vulnerability should focus on immediate codebase modifications to ensure proper argument separation when executing git commands through xargs. The fix requires placing the -- separator after git add in the xargs invocation, so that every filename xargs supplies is parsed by git as a path rather than as an option. Organizations should also implement input validation for filenames and enforce proper naming conventions for files within the repository. Regular security auditing of pre-commit hooks and other development automation tools is essential to identify similar vulnerabilities. A more robust hook validation mechanism that checks for potentially malicious filename patterns would provide an additional defense layer. Security teams should also consider automated monitoring for suspicious git operations and establish clear policies for file exclusion handling in version control systems. This vulnerability demonstrates the importance of secure coding practices in development tooling and the critical need for proper argument handling in shell command execution contexts.
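The following is an added example written for this page; it is not OpenClaw's hook and not VulDB's code. The advisory does not quote the vulnerable line, so the example assumes it had the common shape `git diff --cached --name-only | xargs git add` (a hook re-staging files that a formatter rewrote). The hardened function below adds the `--` separator described above and, going one step further than the advisory, switches to NUL-delimited names (`-z` / `-0`) so names containing spaces, quotes or newlines are also passed through intact. The demo builds a throwaway repository with a constructed file named `--not-a-flag` (not a real git option) and a constructed, ignored `.env`, and checks that the hardened hook re-stages the dash-named file as a path while the ignored file stays out of the index.

```shell
#!/bin/sh
# Added example for CVE-2026-28484; not OpenClaw's hook and not VulDB's code.
# Assumed vulnerable shape (not quoted by the advisory):
#     git diff --cached --name-only | xargs git add
# Hardened shape: NUL-delimited names plus a "--" separator, so nothing that
# comes out of the pipe can be parsed by git as an option.
set -eu

stage_changed_files() {
    # --diff-filter=ACMR: only re-add files that still exist in the worktree.
    # "--" after every git subcommand keeps dash-prefixed names as paths.
    git diff --cached --name-only -z --diff-filter=ACMR -- | xargs -0 git add --
}

# Builds a temporary repository (constructed data only), simulates a
# formatter rewriting an already-staged file whose name begins with "--",
# runs the hardened hook, and prints "ok" if the file was re-staged and the
# ignored .env file was left alone.
demo_hardened_staging() {
    tmp=$(mktemp -d)
    (
        cd "$tmp"
        git init -q .
        git config user.email "demo@example.invalid"
        git config user.name "demo"
        printf '.env\n' > .gitignore
        printf 'SECRET=constructed-placeholder\n' > .env        # ignored, never staged
        printf 'hello\n' > './--not-a-flag'                      # constructed name
        git add -- .gitignore './--not-a-flag'                   # "--" here as well
        # A formatter rewrites the staged file; the hook must re-stage it.
        printf 'hello, formatted\n' > './--not-a-flag'
        stage_changed_files
        unstaged=$(git diff --name-only --)                      # empty if re-staged
        staged=$(git diff --cached --name-only -- | LC_ALL=C sort | tr '\n' ' ')
        if [ -z "$unstaged" ] && [ "$staged" = "--not-a-flag .gitignore " ]; then
            echo ok
        else
            echo fail
        fi
    )
    rm -rf "$tmp"
}

# Run the demo only where git is installed.
if command -v git >/dev/null 2>&1; then
    demo_hardened_staging
fi
```

Without the `--`, the same pipeline hands `--not-a-flag` to git's option parser instead of its path list; with it, the name is an ordinary path. The `--` belongs on every git call that receives externally influenced paths, not just the `xargs` one, which is why the demo's own `git add` and `git diff` calls carry it too.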

Responsible: VulnCheck

Reservation: 02/27/2026

Disclosure: 03/06/2026

Moderation: revoked

CPE: ready

EPSS: 0.00000

KEV: no

Activities: very low

Sources
