CVE-2026-44115: OpenClaw Vulnerability Allows Shell Expansion Bypass
The National Vulnerability Database has identified CVE-2026-44115, a critical vulnerability in OpenClaw affecting versions prior to 2026.4.22. This flaw permits attackers to bypass allowlist validation by embedding shell expansion tokens within unquoted heredoc bodies. The exploit allows for the execution of unapproved commands at runtime, posing a significant risk to systems relying on OpenClaw for command execution or processing.
The CVSS score of 8.8 (HIGH) underscores the severity of this vulnerability. Attackers with low privileges and no user interaction required can exploit this remotely to gain significant control, impacting confidentiality, integrity, and availability. Defenders must prioritize patching OpenClaw instances or implementing strict input validation and monitoring for suspicious command expansions within heredoc structures.
What This Means For You
- If your environment utilizes OpenClaw, immediately verify your version is updated beyond 2026.4.22. Audit logs for any unusual shell expansion patterns or unexpected command executions within heredoc contexts, as this vulnerability could allow unapproved code execution.
Related ATT&CK Techniques
🛡️ Detection Rules
2 rules · 6 SIEM formats2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-44115: OpenClaw Shell Expansion Bypass in Heredoc
title: CVE-2026-44115: OpenClaw Shell Expansion Bypass in Heredoc
id: scw-2026-05-06-ai-1
status: experimental
level: critical
description: |
Detects potential exploitation of CVE-2026-44115 by identifying bash processes attempting to execute commands embedded within heredoc syntax that includes shell expansion tokens. This bypasses allowlist validation by hiding commands within unquoted heredoc bodies.
author: SCW Feed Engine (AI-generated)
date: 2026-05-06
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-44115/
tags:
- attack.execution
- attack.t1059.004
logsource:
category: process_creation
detection:
selection:
Image|contains:
- 'bash'
CommandLine|contains:
- '<<EOF'
- '<<<'
CommandLine|contains_regex:
- '.*<<.*\$\([^)]*\).*'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-44115 | RCE | OpenClaw < 2026.4.22 |
| CVE-2026-44115 | Code Injection | shell expansion hiding in unquoted heredoc bodies |
| CVE-2026-44115 | Auth Bypass | bypass allowlist validation |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 06, 2026 at 23:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter that
CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to...
CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detector
CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure...
CVE-2026-41417 — Netty allows request-line validation to be bypassed when a
CVE-2026-41417 — Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`....