CVE-2026-31994 | OpenClaw up to 2026.2.18 Windows Scheduled Task Script Generation os command injection (GHSA-mqr9-vqhq-3jxw)

A vulnerability has been found in OpenClaw up to 2026.2.18 and classified as critical. Affected is an unknown function of the component Windows Scheduled Task Script Generation. Performing a manipulation results in os command injection.

This vulnerability is cataloged as CVE-2026-31994. The attack must be initiated from a local position. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More