QClaw

by 腾讯科技(深圳)有限公司v0.2.26

Last updated Jun 12, 2026

随时随地，微信一下，Qclaw 帮你高效干活

Install with winget

$ winget install --id Tencent.QClaw --exact --version 0.2.26

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for QClaw

QClaw uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64, machine scope)

QClaw-Setup-0.2.26-5001-557.exe /S

See the full silent install reference for QClaw →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

随时随地，微信一下，Qclaw 帮你高效干活

【开箱即用】自动部署，打开即用。支持 Mac & Windows，内置国产优质大模型，支持切换自定义模型

【微信直联】微信直接对话，远程操控：直接关联微信，零配置，随时随地远程让 AI 干活

【丰富生态】丰富 Skills 生态：支持 Skills 市场，如 ClawHub、GitHub 等丰富生态，Skills 随取随用

【懂你所想】持续记忆，你的专属龙虾：记住偏好和上下文，持续成长，越来越懂你的 AI

【高效操控】本地部署，办公更高效：直接操控文件、浏览器、邮件，不是只会聊天

Installers · v0.2.26

Architecture	Type	Scope	Install	Download
x64	EXE NSIS	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

high8.8Fix in v2026.5.18CVE-2026-35674affects before 2026.5.18May 29, 2026
OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and o...
Vendor advisory
medium6.5Fix in v2026.4.29CVE-2026-35673affects before 2026.4.29May 29, 2026
OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect c...
Vendor advisory
high8.0Fix in v2026.5.18CVE-2026-35630affects before 2026.5.18May 29, 2026
OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval buttons that fails to enforce configured approver identity. Non-approver users can click approval buttons to resolve pending exec or plugin approval requests without proper authoriz...
Vendor advisory
medium5.4Fix in v2026.4.29CVE-2026-34507affects before 2026.4.29May 29, 2026
OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFrom policy checks. Attackers can route admin commands from unauthorized senders or contexts to execute restricted behavior that po...
Vendor advisory
medium4.3Fix in v2026.5.12CVE-2026-32906affects before 2026.5.12May 29, 2026
OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attackers with limited exec approval permissions can bypass intended approval splits to...
Vendor advisory
high8.3Fix in v2026.5.4CVE-2026-32905affects before 2026.5.4May 29, 2026
OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin that allows non-owner authorized chat senders to issue device-pairing bootstrap codes without proper scope validation. Attackers with chat command access can create setup co...
Vendor advisory
high7.3Fix in v2026.2.12CVE-2026-8305affects before 2026.2.12May 11, 2026
A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component bluebubbles Webhook. Performing a manipulation results in improper authentication. It...
Patch Vendor advisory
high8.8Fix in v2026.4.23CVE-2026-45006affects before 2026.4.23May 11, 2026
OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist m...
Patch

Showing 8 of 25. Source: NVD, updated 5h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

企业微信腾讯科技(深圳)有限公司
Tencent.WeComv5.0.8.6009
让每个企业都有自己的微信
TIM腾讯科技(深圳)有限公司
Tencent.TIMv3.4.8.22121
Work efficiency and team collaboration tool
WeChat腾讯科技(深圳)有限公司
Tencent.WeChat.Universalv4.1.10.53
Connecting a billion people with calls, chats and more
微信输入法腾讯科技(深圳)有限公司
Tencent.WeTypev2.1.0.16
微信输入法是微信官方出品的中文输入法，提供高效的输入体验、精准的推荐策略、多元的创新玩法。
WeChat腾讯科技(深圳)有限公司
Tencent.WeChatv3.9.12.57
Connecting a billion people with calls, chats and more
腾讯QQ腾讯科技(深圳)有限公司
Tencent.QQv9.7.23.29392
An instant messaging tool that gives you the best way to keep in touch with your friends and family

Frequently asked questions

How do I install QClaw on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Tencent.QClaw --exact --version 0.2.26. winget downloads the installer from 腾讯科技(深圳)有限公司 and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install QClaw silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Tencent.QClaw --exact 0.2.26 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for QClaw?

QClaw uses EXE (NSIS). Run the downloaded installer with: QClaw-Setup-0.2.26-5001-557.exe /S. The silent switches are /S.

How do I uninstall QClaw via winget?

Run: winget uninstall --id Tencent.QClaw --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from QClaw's Apps & Features entry.

Is QClaw free?

QClaw is distributed under 专有软件. Refer to the publisher (https://qclaw.qq.com/) for the full license terms - Wingetly itself does not charge for installation.

Does QClaw work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls QClaw directly from the publisher.

How do I keep QClaw up to date?

Run winget upgrade --id Tencent.QClaw --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of QClaw from microsoft/winget-pkgs.

Recent versions

0.2.26latest
0.2.25
0.2.24
0.2.23
0.2.22
0.2.21
0.2.20
0.2.19
0.2.18
0.2.17