CVE-2026-53859— OpenClaw < 2026.5.26 - Hostname Validation Bypass via Trailing-Dot Inconsistency
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-53859
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaw < 2026.5.26 - Hostname Validation Bypass via Trailing-Dot Inconsistency
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons using trailing-dot notation in model or workspace-derived URLs. Attackers can exploit inconsistent hostname checks to reach destinations that operators intended to block through hostname policies.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
缺失要素致使对比不完全
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-53859
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-53859
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-53859 (2)
Same Patch Batch · OpenClaw · 2026-06-16 · 27 CVEs total
| CVE-2026-53843 | 8.8 HIGH | OpenClaw < 2026.5.26 - Node Token Revocation Bypass via Pairing-Scoped Device Session |
| CVE-2026-53853 | 8.3 HIGH | OpenClaw < 2026.5.12 - Argument Pattern Bypass in Exec Allowlist via Linux and macOS |
| CVE-2026-53849 | 8.1 HIGH | OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Discord Display Names in allowFrom |
| CVE-2026-53857 | 8.1 HIGH | OpenClaw < 2026.5.3 - Mutable Display Name Binding in Zalo allowFrom Policy |
| CVE-2026-53864 | 8.1 HIGH | OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control V |
| CVE-2026-53855 | 8.1 HIGH | OpenClaw < 2026.4.2 - Shell Positional Parameters Bypass in Inline-Eval Checks |
| CVE-2026-53866 | 8.1 HIGH | OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command Parsing |
| CVE-2026-53863 | 7.1 HIGH | OpenClaw < 2026.4.25 - Unvalidated Group ID Acceptance in Tool Group Policy |
| CVE-2026-53846 | 7.1 HIGH | OpenClaw < 2026.4.29 - Arbitrary Package Manager Execution via Workspace .env npm_execpath |
| CVE-2026-53865 | 7.1 HIGH | OpenClaw < 2026.5.2 - Arbitrary Command Execution via Workspace-Derived Service PATH |
| CVE-2026-53858 | 7.1 HIGH | OpenClaw < 2026.5.2 - Arbitrary Runtime Dependency Loading via STATE_DIRECTORY Environment |
| CVE-2026-53840 | 7.1 HIGH | OpenClaw < 2026.5.12 - Custom Header Leakage via MCP Streamable HTTP Cross-Origin Redirect |
| CVE-2026-53842 | 7.1 HIGH | OpenClaw < 2026.5.2 - Arbitrary Python Runtime Execution via CLOUDSDK_PYTHON Environment V |
| CVE-2026-53861 | 6.6 MEDIUM | OpenClaw < 2026.5.6 - Allowlist Bypass via Combined POSIX Inline Flags on macOS |
| CVE-2026-53854 | 6.5 MEDIUM | OpenClaw < 2026.4.25 - Privilege Escalation via ownerAllowFrom Wildcard Inheritance in Int |
| CVE-2026-53844 | 6.5 MEDIUM | OpenClaw < 2026.4.29 - Session Visibility Check Bypass in Shared Memory Search |
| CVE-2026-53841 | 6.1 MEDIUM | OpenClaw < 2026.5.12 - Cross-Site Scripting via Unsafe Markdown Links in Exported Session |
| CVE-2026-53856 | 5.5 MEDIUM | OpenClaw 2026.4.23 < 2026.4.24 - Insecure File Permissions in Config Recovery via OpenClaw |
| CVE-2026-53850 | 5.5 MEDIUM | OpenClaw < 2026.4.25 - Control Scope Enforcement Bypass in Focus Command |
| CVE-2026-53852 | 5.4 MEDIUM | OpenClaw < 2026.4.25 - Scope Bypass via Empty-Scope Device Re-pairing |
Showing top 20 of 27 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: OpenClaw
- CVE-2026-53865
OpenClaw < 2026.5.2 - Arbitrary Command Execution via Works - CVE-2026-53866
OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Comm - CVE-2026-53864
OpenClaw < 2026.5.26 - Insufficient Environment Variable San - CVE-2026-53863
OpenClaw < 2026.4.25 - Unvalidated Group ID Acceptance in To - CVE-2026-53862
OpenClaw < 2026.5.12 - Bootstrap Token Replay via Pending Pa
Same vendor: OpenClaw
- CVE-2026-53866
OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Comm - CVE-2026-53865
OpenClaw < 2026.5.2 - Arbitrary Command Execution via Works - CVE-2026-53864
OpenClaw < 2026.5.26 - Insufficient Environment Variable San - CVE-2026-53862
OpenClaw < 2026.5.12 - Bootstrap Token Replay via Pending Pa - CVE-2026-53863
OpenClaw < 2026.4.25 - Unvalidated Group ID Acceptance in To
Same weakness: CWE-1023
- CVE-2026-53839
OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Tru - CVE-2026-7473
Arista EOS Unexpected Tunnel Protocol Decapsulation and Forw - CVE-2026-48587
Potential exposure of private data via whitespace padding in - CVE-2026-4599
jsrsasign 安全漏洞 - CVE-2025-62000
BullWall Ransomware Containment incomplete file inspection
V. Comments for CVE-2026-53859
No comments yet