OpenClaw 2026.2.6 < 2026.2.14 Deep Link Message Truncation (macOS) (GHSA-7q2j-c4q5-rm27)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(299796);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/27");

  script_cve_id("CVE-2026-26320");

  script_name(english:"OpenClaw 2026.2.6 < 2026.2.14 Deep Link Message Truncation (macOS) (GHSA-7q2j-c4q5-rm27)");

  script_set_attribute(attribute:"synopsis", value:
"The remote macOS host is affected by a remote code execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of the OpenClaw AI assistant installed on the remote macOS host is 2026.2.6 or later but prior to 2026.2.14. It is,
therefore, affected by a remote code execution vulnerability:

  - The OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an
    unattended key, the app shows a confirmation dialog that only displays the first 240 characters of the message but
    executes the full message after the user clicks Run. An attacker could pad the message with whitespace to push a
    malicious payload outside the visible preview, increasing the chance a user approves a different message than the
    one that is actually executed. (CVE-2026-26320)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://github.com/openclaw/openclaw/security/advisories/GHSA-7q2j-c4q5-rm27
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5105305a");
  script_set_attribute(attribute:"see_also", value:"https://github.com/openclaw/openclaw/releases/tag/v2026.2.14");
  script_set_attribute(attribute:"solution", value:
"Upgrade to OpenClaw version 2026.2.14 or later.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-26320");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/02/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/02/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/02/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:openclaw:openclaw");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Artificial Intelligence");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("molty_clawdbot_moltbot_detect.nasl");
  script_require_keys("installed_sw/OpenClaw");

  exit(0);
}

include('vdf.inc');

# @tvdl-content
var vuln_data = {
  'metadata': {'spec_version': '1.0'},
  'requires': [
    {'scope': 'target', 'match': {'os': 'macos'}}
  ],
  'checks': [
    {
      'product': {'name': 'OpenClaw', 'type': 'app'},
      'check_algorithm': 'default',
      'constraints': [
        {'min_version': '2026.2.6', 'fixed_version': '2026.2.14'}
      ]
    }
  ]
};

var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);