Vulnerability in OpenClaw
CVE-2026-27486
OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the curre…
EPSS: 0.000 (5.5th percentile)
Affected products
- OpenClaw — versions < 2026.2.14
Weakness classification (CWE)
References
- https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8 (x_refsource_CONFIRM)
- https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557 (x_refsource_MISC)
- https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66 (x_refsource_MISC)
- https://github.com/openclaw/openclaw/releases/tag/v2026.2.14 (x_refsource_MISC)