CVE-2026-62200 in OpenClawinfo

Summary

by MITRE • 07/14/2026

OpenClaw versions before 2026.6.1 contain a flaw in host exec environment filtering that could allow Git ext transport to be abused. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/14/2026

The vulnerability identified in OpenClaw versions prior to 2026.6.1 represents a critical security flaw within the host execution environment filtering mechanism that directly impacts the Git external transport functionality. This weakness creates an avenue for privilege escalation and unauthorized code execution through improper input validation and access control enforcement. The issue stems from insufficient sanitization of external transport parameters that are processed within the host environment, allowing malicious actors to manipulate the execution flow of legitimate system processes.

The technical implementation flaw resides in how OpenClaw handles external transport protocols when specific features are enabled, particularly concerning Git-based operations. When these vulnerable components are accessible to untrusted inputs or callers, the system fails to properly validate and sanitize the transport parameters before processing them within the host environment. This creates a path where an attacker with lower privileges can inject malicious commands or manipulate execution paths that should be restricted to authorized users only. The vulnerability operates at the intersection of input handling and privilege management, specifically targeting the boundary between trusted and untrusted execution contexts.

From an operational impact perspective, this vulnerability exposes organizations to significant risks including unauthorized code execution, data exfiltration, and persistence mechanisms within the affected systems. Attackers could leverage this flaw to escalate privileges beyond their intended authorization levels, potentially gaining access to sensitive resources or establishing backdoors within the host environment. The attack surface expands when considering that Git transport operations are commonly used in automated deployment pipelines, continuous integration systems, and collaborative development environments where multiple users may have varying levels of system access.

The security implications extend beyond immediate execution privileges to encompass potential lateral movement within networked environments where OpenClaw systems are deployed. This vulnerability aligns with CWE-78 and CWE-20 categories related to command injection and input validation failures, respectively, and maps to ATT&CK techniques involving privilege escalation and persistence mechanisms. Organizations utilizing affected versions face risks of unauthorized access to source code repositories, system compromise through malicious Git operations, and potential data loss through unauthorized modifications or deletions.

Mitigation strategies should prioritize immediate patching to version 2026.6.1 or later, which includes enhanced input validation and stricter host environment filtering controls. Additionally, organizations should implement network segmentation to limit access to vulnerable Git transport features, enforce strict access controls on system resources, and monitor for suspicious execution patterns that may indicate exploitation attempts. Regular security assessments of external transport configurations and comprehensive input sanitization practices should be established as part of ongoing security hygiene to prevent similar vulnerabilities from emerging in future deployments.

Responsible

VulnCheck

Reservation

07/13/2026

Disclosure

07/14/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

low

Sources

Do you need the next level of professionalism?

Upgrade your account now!