{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-53806: OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-53806","status":"final","version":"1","initial_release_date":"2026-06-11T20:05:21.614Z","current_release_date":"2026-06-13T03:55:31.519Z","revision_history":[{"date":"2026-06-11T20:05:21.614Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling unauthorized command execution when the affected feature is enabled.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-53806 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-53806"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-53806"},{"category":"external","summary":"GitHub Security Advisory (GHSA-vxx3-6hc9-7cc3)","url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-vxx3-6hc9-7cc3"},{"category":"external","summary":"vulncheck.com","url":"https://www.vulncheck.com/advisories/openclaw-shell-option-parsing-bypass-in-exec-revalidation"}]},"product_tree":{"branches":[{"category":"vendor","name":"OpenClaw","branches":[{"category":"product_name","name":"OpenClaw","branches":[{"category":"product_version_range","name":"<2026.5.12","product":{"name":"OpenClaw OpenClaw <2026.5.12","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"2026.5.12","product":{"name":"OpenClaw OpenClaw 2026.5.12","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-53806","title":"OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation","notes":[{"category":"description","text":"OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling unauthorized command execution when the affected feature is enabled.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"],"fixed":["CSAFPID-2"]},"scores":[{"cvss_v4":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","baseScore":7.7,"baseSeverity":"HIGH"},"products":["CSAFPID-1"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 2026.5.12.","product_ids":["CSAFPID-1"],"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-vxx3-6hc9-7cc3"}]}]}