OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to…
VulnCheck·CWE-78·Published 2026-03-03
OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin approval constraints by leveraging the compress-program parameter to execute unauthorized external programs.
When `sort` is explicitly added to `tools.exec.safeBins` (non-default), the `--compress-program` option can invoke an external helper and bypass the intended safe-bin approval constraints in allowlist mode.

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Vulnerable versions: `<=2026.2.21-2`
- Latest published npm version checked during triage: `2026.2.21-2` (as of February 22, 2026)
- Patched in planned next release: `2026.2.22`

## Fix Commit(s)

- `57fbbaebca4d34d17549accf6092ae26eb7b605c`

## Release Process Note

`patched_versions` is pre-set to the planned next release (`>=2026.2.22`). Once that npm release is published, the advisory can be published directly.

OpenClaw thanks @tdjackey for reporting.
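The advisory's underlying lesson is that allowlisting a binary by name is only as safe as every option that binary accepts: `sort` is harmless until `--compress-program=PROG` turns it into a program launcher. The following is an added example, not OpenClaw's code and not its fix commit. It reuses the advisory's config key `tools.exec.safeBins` but the policy table, the function names `isApprovedNaive` and `checkSafeBinInvocation`, and the permitted-option set are this example's own assumptions. It contrasts the name-only check with a fail-closed per-option allowlist, and because long options must match exactly, GNU getopt_long prefix abbreviations such as `--compress=PROG` (which GNU `sort` accepts as shorthand for `--compress-program`) are rejected as well.

```javascript
// Added example (not OpenClaw code): a fail-closed argument policy for
// "safe bins". Config shape reuses the advisory's key tools.exec.safeBins;
// the policy table and rules below are this example's own assumptions.

// Per-binary option allowlist. Long options must match exactly, so
// getopt_long abbreviations like --compress=PROG are rejected along with
// --compress-program. Anything unlisted (-o, --files0-from, -T, ...) fails.
const SAFE_BIN_ARG_POLICY = {
  sort: {
    long: new Set(["--reverse", "--numeric-sort", "--unique", "--ignore-case",
                   "--stable", "--key", "--field-separator", "--zero-terminated"]),
    short: new Set(["r", "n", "u", "f", "s", "k", "t", "z"]),
    // Short options that consume a value (-k 2, -k2, -t ,).
    shortWithValue: new Set(["k", "t"]),
  },
};

// The name-only check the advisory describes: bin is on the list, so approve.
function isApprovedNaive(config, argv) {
  const safeBins = config?.tools?.exec?.safeBins ?? [];
  return safeBins.includes(argv[0]);
}

// Hardened check: the bin must be allowlisted AND every option must be
// allowlisted for that bin. Returns { ok, reason }.
function checkSafeBinInvocation(config, argv) {
  const safeBins = config?.tools?.exec?.safeBins ?? [];
  const [bin, ...args] = argv;
  if (!safeBins.includes(bin)) {
    return { ok: false, reason: `${bin} is not in tools.exec.safeBins` };
  }
  const policy = SAFE_BIN_ARG_POLICY[bin];
  if (!policy) {
    // Fail closed: a listed bin with no vetted option policy is not approved.
    return { ok: false, reason: `no argument policy for safe bin ${bin}` };
  }
  for (let i = 0; i < args.length; i++) {
    const arg = args[i];
    if (arg === "--") break;               // everything after "--" is an operand
    if (arg.startsWith("--")) {
      const name = arg.split("=", 1)[0];   // "--key=2" -> "--key"
      if (!policy.long.has(name)) {
        return { ok: false, reason: `option ${name} not permitted for ${bin}` };
      }
      continue;
    }
    if (arg.startsWith("-") && arg.length > 1) {
      // Clustered short options: "-rnk2" means -r -n -k 2.
      const letters = arg.slice(1);
      for (let j = 0; j < letters.length; j++) {
        const letter = letters[j];
        if (!policy.short.has(letter)) {
          return { ok: false, reason: `option -${letter} not permitted for ${bin}` };
        }
        if (policy.shortWithValue.has(letter)) {
          // Attached value (-k2) ends the cluster; a detached value (-k 2)
          // is the next argv element and is consumed here.
          if (j === letters.length - 1) i++;
          break;
        }
      }
    }
    // Anything else is an operand (input file); file access is a separate policy.
  }
  return { ok: true, reason: "all options permitted" };
}
```

Operands after `--` are still passed through, since `sort` treats them as file names rather than options; whether the tool may read those files is a question for a file-access policy, not for the option check.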
| CVSS version | Type | Source | Base score | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 6.7 | 0.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.7 | — | — | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | NVD | 7.0 | 1.0 | 5.9 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | GHSA | 6.4 | — | — | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 4.0 | Primary | cve.org | 7.1 | — | — | CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 7.1 | — | — | CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |