A vulnerability classified as critical has been found in OpenClaw up to 2026.3.0 on Windows. This vulnerability affects unknown code of the component Wrapper . Performing a manipulation results in os command injection. This vulnerability is identified as CVE-2026-31999 . The attack is only possible with local access. There is not any exploit available. It is recommended to upgrade the affected component.