QClaw

by 腾讯科技(深圳)有限公司v0.2.26

Last updated Jun 12, 2026

随时随地，微信一下，Qclaw 帮你高效干活

Install with winget

$ winget install --id Tencent.QClaw --exact --version 0.2.26

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for QClaw

QClaw uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64, machine scope)

QClaw-Setup-0.2.26-5001-557.exe /S

See the full silent install reference for QClaw →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

随时随地，微信一下，Qclaw 帮你高效干活

【开箱即用】自动部署，打开即用。支持 Mac & Windows，内置国产优质大模型，支持切换自定义模型

【微信直联】微信直接对话，远程操控：直接关联微信，零配置，随时随地远程让 AI 干活

【丰富生态】丰富 Skills 生态：支持 Skills 市场，如 ClawHub、GitHub 等丰富生态，Skills 随取随用

【懂你所想】持续记忆，你的专属龙虾：记住偏好和上下文，持续成长，越来越懂你的 AI

【高效操控】本地部署，办公更高效：直接操控文件、浏览器、邮件，不是只会聊天

Installers · v0.2.26

Architecture	Type	Scope	Install	Download
x64	EXE NSIS	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

high8.8Fix in v2026.5.27CVE-2026-53819affects before 2026.5.27Jun 11, 2026
OpenClaw before 2026.5.27 contains an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew executable selection. Attackers with access to trusted operator workspaces can execute unintended Homebrew-compatible executab...
Vendor advisory
medium6.6Fix in v2026.4.24CVE-2026-53818affects before 2026.4.24Jun 11, 2026
OpenClaw before 2026.4.24 contains an authorization bypass vulnerability in the MCP loopback feature that allows non-owner callers to skip owner-only tool policies and before-tool-call hooks. Attackers can invoke owner-only behavior through the affected loopback path to execute...
Vendor advisory
high8.8Fix in v2026.5.22CVE-2026-53817affects before 2026.5.22Jun 11, 2026
OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens. Attackers can exploit insufficient locality-derived trust validati...
Vendor advisory
high7.2Fix in v2026.5.18CVE-2026-53816affects before 2026.5.18Jun 11, 2026
OpenClaw before 2026.5.18 contains an insufficient provenance validation vulnerability in node event handling that allows paired nodes to forge exec lifecycle events without system.run authorization. A malicious or compromised paired node can send crafted node.event messages to...
Vendor advisory
medium6.5Fix in v2026.5.19CVE-2026-53815affects before 2026.5.19Jun 11, 2026
OpenClaw before 2026.5.19 contains an authorization bypass vulnerability in message read actions that skips channel allowlist checks. Lower-trust callers can request messages from channels not intended for them by exploiting insufficient validation in the affected feature, poten...
Vendor advisory
high8.3Fix in v2026.5.20CVE-2026-53814affects before 2026.5.20Jun 11, 2026
OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spa...
Vendor advisory
high7.8Fix in v2026.4.25CVE-2026-53813affects before 2026.4.25Jun 11, 2026
OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentia...
Vendor advisory
high7.7Fix in v2026.5.18CVE-2026-53812affects before 2026.5.18Jun 11, 2026
OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via acti...
Vendor advisory

Showing 8 of 25. Source: NVD, updated 6h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

企业微信腾讯科技(深圳)有限公司
Tencent.WeComv5.0.8.6009
让每个企业都有自己的微信
WeChat腾讯科技(深圳)有限公司
Tencent.WeChat.Universalv4.1.10.53
Connecting a billion people with calls, chats and more
TIM腾讯科技(深圳)有限公司
Tencent.TIMv3.4.8.22121
Work efficiency and team collaboration tool
微信输入法腾讯科技(深圳)有限公司
Tencent.WeTypev2.1.0.16
微信输入法是微信官方出品的中文输入法，提供高效的输入体验、精准的推荐策略、多元的创新玩法。
WeChat腾讯科技(深圳)有限公司
Tencent.WeChatv3.9.12.57
Connecting a billion people with calls, chats and more
腾讯QQ腾讯科技(深圳)有限公司
Tencent.QQv9.7.23.29392
An instant messaging tool that gives you the best way to keep in touch with your friends and family

Frequently asked questions

How do I install QClaw on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Tencent.QClaw --exact --version 0.2.26. winget downloads the installer from 腾讯科技(深圳)有限公司 and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install QClaw silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Tencent.QClaw --exact 0.2.26 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for QClaw?

QClaw uses EXE (NSIS). Run the downloaded installer with: QClaw-Setup-0.2.26-5001-557.exe /S. The silent switches are /S.

How do I uninstall QClaw via winget?

Run: winget uninstall --id Tencent.QClaw --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from QClaw's Apps & Features entry.

Is QClaw free?

QClaw is distributed under 专有软件. Refer to the publisher (https://qclaw.qq.com/) for the full license terms - Wingetly itself does not charge for installation.

Does QClaw work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls QClaw directly from the publisher.

How do I keep QClaw up to date?

Run winget upgrade --id Tencent.QClaw --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of QClaw from microsoft/winget-pkgs.

Recent versions

0.2.26latest
0.2.25
0.2.24
0.2.23
0.2.22
0.2.21
0.2.20
0.2.19
0.2.18
0.2.17