CVE-2026-27486

## Summary OpenClaw CLI process cleanup used system-wide process enumeration and pattern matching to terminate processes without verifying they were owned by the current OpenClaw process. On shared hosts, unrelated processes could be terminated if they matched the pattern. ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected: `< 2026.2.14` (including the latest published version `2026.2.13`) - Fixed: `2026.2.14` (planned next release) ## Details The CLI runner cleanup helpers could kill processes matched by command-line patterns without validating process ownership. ## Fix Process cleanup is now scoped to owned processes only by filtering to direct child PIDs of the current process (`ppid == process.pid`) before sending signals. Hardening follow-ups: - Prefer graceful termination for resume cleanup (`SIGTERM`, then `SIGKILL` fallback). - Reduce false negatives from `ps` argv truncation by preferring wide output (`ps -axww`) with a fallback. - Tighten command-line token matching to avoid substring matches. ## Fix Commit(s) - 6084d13b956119e3cf95daaf9a1cae1670ea3557 - eb60e2e1b213740c3c587a7ba4dbf10da620ca66 ## Release Process Note This advisory is pre-set with patched version `2026.2.14`. After `2026.2.14` is published to npm, the remaining step should be to publish this advisory. Thanks @aether-ai-agent for reporting.

## Summary OpenClaw CLI process cleanup used system-wide process enumeration and pattern matching to terminate processes without verifying they were owned by the current OpenClaw process. On shared hosts, unrelated processes could be terminated if they matched the pattern. ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected: `< 2026.2.14` (including the latest published version `2026.2.13`) - Fixed: `2026.2.14` (planned next release) ## Details The CLI runner cleanup helpers could kill processes matched by command-line patterns without validating process ownership. ## Fix Process cleanup is now scoped to owned processes only by filtering to direct child PIDs of the current process (`ppid == process.pid`) before sending signals. Hardening follow-ups: - Prefer graceful termination for resume cleanup (`SIGTERM`, then `SIGKILL` fallback). - Reduce false negatives from `ps` argv truncation by preferring wide output (`ps -axww`) with a fallback. - Tighten command-line token matching to avoid substring matches. ## Fix Commit(s) - 6084d13b956119e3cf95daaf9a1cae1670ea3557 - eb60e2e1b213740c3c587a7ba4dbf10da620ca66 ## Release Process Note This advisory is pre-set with patched version `2026.2.14`. After `2026.2.14` is published to npm, the remaining step should be to publish this advisory. Thanks @aether-ai-agent for reporting.

OpenClaw es un asistente personal de IA. En las versiones 2026.2.13 e inferiores de la CLI de OpenClaw, la limpieza de procesos utiliza la enumeración de procesos a nivel de sistema y la coincidencia de patrones para terminar procesos sin verificar si son propiedad del proceso actual de OpenClaw. En hosts compartidos, los procesos no relacionados pueden ser terminados si coinciden con el patrón. Los ayudantes de limpieza del ejecutor de la CLI pueden eliminar procesos que coinciden con patrones de línea de comandos sin validar la propiedad del proceso. Este problema ha sido solucionado en la versión 2026.2.14.