A vulnerability labeled as problematic has been found in OpenClaw up to 2026.2.18 . This affects the function stripBotMention of the component Block Message Handler . The manipulation results in inefficient regular expression complexity. This vulnerability is known as CVE-2026-22178 . It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.