CVE-2026-27486— OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-27486
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes can be terminated if they match the pattern. The CLI runner cleanup helpers can kill processes matched by command-line patterns without validating process ownership. This issue has been fixed in version 2026.2.14.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未经验证的属主
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenClaw 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenClaw是openclaw开源的一个智能人工助理。 OpenClaw 2026.2.13及之前版本存在安全漏洞,该漏洞源于进程清理使用系统范围的进程枚举和模式匹配而未验证所有权,可能导致在共享主机上终止无关进程。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-27486
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-27486
请登录查看更多情报信息。
Same Patch Batch · openclaw · 2026-02-21 · 6 CVEs total
| CVE-2026-27487 | 7.6 HIGH | OpenClaw: Prevent shell injection in macOS keychain credential write |
| CVE-2026-27576 | OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness | |
| CVE-2026-27488 | OpenClaw hardened cron webhook delivery against SSRF | |
| CVE-2026-27485 | OpenClaw affected by Stored XSS in Control UI via unsanitized assistant name/avatar in inl | |
| CVE-2026-27484 | OpenClaw Discord moderation authorization used untrusted sender identity in tool-driven fl |
IV. Related Vulnerabilities
Same product: openclaw
- CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-44116
OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo P - CVE-2026-44117
OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot - CVE-2026-44115
OpenClaw < 2026.4.22 - Shell Expansion Bypass in Unquoted He - CVE-2026-44114
OpenClaw < 2026.4.20 - Environment Variable Namespace Collis
Same vendor: openclaw
- CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-44117
OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot - CVE-2026-44116
OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo P - CVE-2026-44115
OpenClaw < 2026.4.22 - Shell Expansion Bypass in Unquoted He - CVE-2026-44114
OpenClaw < 2026.4.20 - Environment Variable Namespace Collis
Same weakness: CWE-283
- CVE-2026-40337
Sentry kernel has incomplete ownership check for IRQ line ma - CVE-2026-29788
TSPortal: Anyone can forge self-deletion requests of any use - CVE-2026-0598
Ansible-lightspeed: broken object level authorization leadin - CVE-2025-12815
Amazon Web Services Research and Engineering Studio 安全漏洞 - CVE-2025-36091
IBM Business Automation Insights unverified ownership
V. Comments for CVE-2026-27486
No comments yet