A vulnerability classified as critical was found in OpenClaw up to 2026.2.18 . This issue affects the function tools.exec.safeBins . Executing a manipulation can lead to os command injection. This vulnerability is tracked as CVE-2026-31996 . The attack is restricted to local execution. No exploit exists. Upgrading the affected component is advised.