Vulnerability-Lookup

CVE-2026-27486 (GCVE-0-2026-27486)

Vulnerability from cvelistv5 – Published: 2026-02-21 09:32 – Updated: 2026-02-24 18:20

Title

OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup

Summary

OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes can be terminated if they match the pattern. The CLI runner cleanup helpers can kill processes matched by command-line patterns without validating process ownership. This issue has been fixed in version 2026.2.14.

Severity ?

4.3 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H

CWE

CWE-283 - Unverified Ownership

Assigner

GitHub_M

References

URL

Tags

	https://github.com/openclaw/openclaw/security/adv…	x_refsource_CONFIRM
	https://github.com/openclaw/openclaw/commit/6084d…	x_refsource_MISC
	https://github.com/openclaw/openclaw/commit/eb60e…	x_refsource_MISC
	https://github.com/openclaw/openclaw/releases/tag…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	openclaw	openclaw	Affected: < 2026.2.14

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27486",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-24T18:17:10.905740Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-24T18:20:44.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openclaw",
          "vendor": "openclaw",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2026.2.14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes can be terminated if they match the pattern. The CLI runner cleanup helpers can kill processes matched by command-line patterns without validating process ownership. This issue has been fixed in version 2026.2.14."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-283",
              "description": "CWE-283: Unverified Ownership",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-21T09:32:45.418Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8"
        },
        {
          "name": "https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557"
        },
        {
          "name": "https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66"
        },
        {
          "name": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14"
        }
      ],
      "source": {
        "advisory": "GHSA-jfv4-h8mc-jcp8",
        "discovery": "UNKNOWN"
      },
      "title": "OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-27486",
    "datePublished": "2026-02-21T09:32:45.418Z",
    "dateReserved": "2026-02-19T19:46:03.541Z",
    "dateUpdated": "2026-02-24T18:20:44.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-27486\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-24T18:17:10.905740Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-24T18:19:16.911Z\"}}], \"cna\": {\"title\": \"OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup\", \"source\": {\"advisory\": \"GHSA-jfv4-h8mc-jcp8\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"openclaw\", \"product\": \"openclaw\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2026.2.14\"}]}], \"references\": [{\"url\": \"https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8\", \"name\": \"https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557\", \"name\": \"https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66\", \"name\": \"https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/openclaw/openclaw/releases/tag/v2026.2.14\", \"name\": \"https://github.com/openclaw/openclaw/releases/tag/v2026.2.14\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes can be terminated if they match the pattern. The CLI runner cleanup helpers can kill processes matched by command-line patterns without validating process ownership. This issue has been fixed in version 2026.2.14.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-283\", \"description\": \"CWE-283: Unverified Ownership\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-02-21T09:32:45.418Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-27486\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-24T18:20:44.858Z\", \"dateReserved\": \"2026-02-19T19:46:03.541Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-02-21T09:32:45.418Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-JFV4-H8MC-JCP8

Vulnerability from github – Published: 2026-02-18 17:41 – Updated: 2026-02-23 22:28

Summary

OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup

Details

Summary

OpenClaw CLI process cleanup used system-wide process enumeration and pattern matching to terminate processes without verifying they were owned by the current OpenClaw process. On shared hosts, unrelated processes could be terminated if they matched the pattern.

Affected Packages / Versions

Package: openclaw (npm)
Affected: < 2026.2.14 (including the latest published version 2026.2.13)
Fixed: 2026.2.14 (planned next release)

Details

The CLI runner cleanup helpers could kill processes matched by command-line patterns without validating process ownership.

Fix

Process cleanup is now scoped to owned processes only by filtering to direct child PIDs of the current process (ppid == process.pid) before sending signals.

Hardening follow-ups: - Prefer graceful termination for resume cleanup (SIGTERM, then SIGKILL fallback). - Reduce false negatives from ps argv truncation by preferring wide output (ps -axww) with a fallback. - Tighten command-line token matching to avoid substring matches.

Fix Commit(s)

6084d13b956119e3cf95daaf9a1cae1670ea3557
eb60e2e1b213740c3c587a7ba4dbf10da620ca66

Release Process Note

This advisory is pre-set with patched version 2026.2.14. After 2026.2.14 is published to npm, the remaining step should be to publish this advisory.

Thanks @aether-ai-agent for reporting.

Severity ?

4.3 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-27486"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-283"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-18T17:41:09Z",
    "nvd_published_at": "2026-02-21T10:16:12Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nOpenClaw CLI process cleanup used system-wide process enumeration and pattern matching to terminate processes without verifying they were owned by the current OpenClaw process. On shared hosts, unrelated processes could be terminated if they matched the pattern.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected: `\u003c 2026.2.14` (including the latest published version `2026.2.13`)\n- Fixed: `2026.2.14` (planned next release)\n\n## Details\n\nThe CLI runner cleanup helpers could kill processes matched by command-line patterns without validating process ownership.\n\n## Fix\n\nProcess cleanup is now scoped to owned processes only by filtering to direct child PIDs of the current process (`ppid == process.pid`) before sending signals.\n\nHardening follow-ups:\n- Prefer graceful termination for resume cleanup (`SIGTERM`, then `SIGKILL` fallback).\n- Reduce false negatives from `ps` argv truncation by preferring wide output (`ps -axww`) with a fallback.\n- Tighten command-line token matching to avoid substring matches.\n\n## Fix Commit(s)\n\n- 6084d13b956119e3cf95daaf9a1cae1670ea3557\n- eb60e2e1b213740c3c587a7ba4dbf10da620ca66\n\n## Release Process Note\n\nThis advisory is pre-set with patched version `2026.2.14`. After `2026.2.14` is published to npm, the remaining step should be to publish this advisory.\n\nThanks @aether-ai-agent for reporting.",
  "id": "GHSA-jfv4-h8mc-jcp8",
  "modified": "2026-02-23T22:28:47Z",
  "published": "2026-02-18T17:41:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27486"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup"
}

FKIE_CVE-2026-27486

Vulnerability from fkie_nvd - Published: 2026-02-21 10:16 - Updated: 2026-02-24 16:53

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557	Patch
security-advisories@github.com	https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66	Patch
security-advisories@github.com	https://github.com/openclaw/openclaw/releases/tag/v2026.2.14	Release Notes
security-advisories@github.com	https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	openclaw	openclaw	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "0F3079A3-9FBD-4E87-821D-5CAF0622C555",
              "versionEndExcluding": "2026.2.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes can be terminated if they match the pattern. The CLI runner cleanup helpers can kill processes matched by command-line patterns without validating process ownership. This issue has been fixed in version 2026.2.14."
    },
    {
      "lang": "es",
      "value": "OpenClaw es un asistente personal de IA. En las versiones 2026.2.13 e inferiores de la CLI de OpenClaw, la limpieza de procesos utiliza la enumeraci\u00f3n de procesos a nivel de sistema y la coincidencia de patrones para terminar procesos sin verificar si son propiedad del proceso actual de OpenClaw. En hosts compartidos, los procesos no relacionados pueden ser terminados si coinciden con el patr\u00f3n. Los ayudantes de limpieza del ejecutor de la CLI pueden eliminar procesos que coinciden con patrones de l\u00ednea de comandos sin validar la propiedad del proceso. Este problema ha sido solucionado en la versi\u00f3n 2026.2.14."
    }
  ],
  "id": "CVE-2026-27486",
  "lastModified": "2026-02-24T16:53:20.537",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-21T10:16:12.903",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/openclaw/openclaw/commit/6084d13b956119e3cf95daaf9a1cae1670ea3557"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/openclaw/openclaw/commit/eb60e2e1b213740c3c587a7ba4dbf10da620ca66"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jfv4-h8mc-jcp8"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-283"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-27486 (GCVE-0-2026-27486)

GHSA-JFV4-H8MC-JCP8

Summary

Affected Packages / Versions

Details

Fix

Fix Commit(s)

Release Process Note

FKIE_CVE-2026-27486

Tags

Sightings

Nomenclature