CVE-2026-53836: OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases

Synopsis

An allowlist bypass vulnerability exists in OpenClaw before version 2026.5.12, affecting its PowerShell encoded-command handling. The flaw is reachable over the network by any authenticated operator (a low-privilege account is sufficient), with no victim interaction required. Successful exploitation lets an attacker run arbitrary PowerShell commands that the allowlist was meant to block, enabling full read, write, and denial-of-service impact on the affected system. A patched-image rebuild at version 2026.5.12 is available on HarborGuard for affected environments.

HarborGuard Coverage

Exploit Conditions

• Network reachabilityRequired

  The attacker must reach the OpenClaw service over the network; local or physical access is not needed.

• AuthenticationRequired

  A low-privilege operator account is sufficient; no administrative or elevated credentials are required.

• Victim interactionNot required

  No user interaction is needed; the attacker can trigger the bypass entirely on their own.

• Attack complexityDetail

  Exploitation is reliable and condition-free; no race conditions or specific memory layout assumptions are required.

Blast Radius

• The attacker reads any data accessible to the PowerShell execution context, including secrets, credentials, and configuration files on the host.
• The attacker writes or modifies files and system state, overwriting configuration, dropping payloads, or altering persisted data.
• The attacker can crash or exhaust resources on the affected service, causing a denial of service for dependent workloads.
• All three impacts are achievable in a single session because the allowlist bypass grants unrestricted PowerShell execution.