CVE-2026-44115 POC (Proof-of-Concept)

CVE-2026-44115 POC (Proof-of-Concept)

OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime.

Published: 2026-05-06

CVSS: 8.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Download CVE-2026-44115 POC (Proof-of-Concept) here:

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

https://hokyo.gr/poc-391-cve-2026-25243/

https://hokyo.gr/poc-734-cve-2026-5788/

Copyright 2017- 2025 Hokyo JapanEats ©