CVE-2026-41390 OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper

OpenClaw before 2026.3.28 contains an exec allowlist bypass vulnerability where allow-always persistence fails to unwrap /usr/bin/script and similar wrappers before storing trust decisions. Attackers can obtain user approval for one wrapped command to persist trust for wrapper binaries that execu...

PT-2026-35804

OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions can bypass pairi...

PT-2026-35776

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An exec allowlist bypass allows attackers to inherit allowlist trust through shell init-file wrapper invocations. By utilizing shell options such as --rcfile, --init-file, and --startup-file,...

PT-2026-35765

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description An execution approval issue exists in exec-approvals-allowlist.ts where allow-always persistence trusts wrapper carrier executables instead of the actual invoked targets. This allows attackers t...

PT-2026-35758

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An incomplete host-env-security-policy.json fails to restrict compiler binary environment variables. This allows untrusted models to substitute CC, CXX, CARGO BUILD RUSTC, and CMAKE C COMPILER...

GHSA-695C-X5GC-94GJ Apache camel-coap allows header injection that can lead to remote code execution

Apache Camel's camel-coap component is vulnerable to header injection because it maps CoAP request URI query parameters directly into Camel message headers without applying a HeaderFilterStrategy. An unauthenticated attacker can send a crafted CoAP request to inject arbitrary Camel internal heade...

CVE-2026-7066

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...

EUVD-2026-25736

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...

PT-2026-35273

Name of the Vulnerable Software and Affected Versions choieastsea simple-openstack-mcp versions prior to 767b2f4a8154cca344344b9725537a58399e6036 Description An OS command injection flaw exists that allows remote attackers to execute arbitrary commands. The issue is located within the exec...

CVE-2026-41330

OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass security controls by overriding environment variables to circumvent proxy settings, TLS verification,...

CVE-2026-41330 OpenClaw < 2026.3.31 - Environment Variable Override via Host Exec Policy

OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass security controls by overriding environment variables to circumvent proxy settings, TLS verification,...

CVE-2026-41330

OpenClaw (npm) vulnerable through host exec policy: environment variable overrides allow bypassing proxy, TLS verification, Docker restrictions, and Git TLS enforcement. Affected versions = 2026.3.31.

CVE-2026-41330 OpenClaw < 2026.3.31 - Environment Variable Override via Host Exec Policy

OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass security controls by overriding environment variables to circumvent proxy settings, TLS verification,...

PT-2026-33872

OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass security controls by overriding environment variables to circumvent proxy settings, TLS verification,...

GHSA-2CQ5-MF3V-MX44 OpenClaw: busybox and toybox applet execution weakened exec approval binding

Summary busybox and toybox applet execution weakened exec approval binding. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.2.23 = 2026.4.12 Impact Opaque multi-call binaries such as busybox and toybox could obscure which applet or script-like behavio...

OpenClaw: busybox and toybox applet execution weakened exec approval binding

Summary busybox and toybox applet execution weakened exec approval binding. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.2.23 = 2026.4.12 Impact Opaque multi-call binaries such as busybox and toybox could obscure which applet or script-like behavio...

GHSA-736R-JWJ6-4W23 OpenClaw: Sandboxed agents could escape exec routing via host=node override

Summary Sandboxed agents could escape exec routing via host=node override. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.5 = 2026.4.10 Impact A sandboxed agent could request host: "node" and route exec to a remote node instead of the intended...

OpenClaw: Sandboxed agents could escape exec routing via host=node override

Summary Sandboxed agents could escape exec routing via host=node override. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.5 = 2026.4.10 Impact A sandboxed agent could request host: "node" and route exec to a remote node instead of the intended...

Eclipse Che Machine-Exec WebSocket Service Exposure Detector

This Python script is a lightweight security detection tool designed to identify potentially exposed or misconfigured machine-exec WebSocket services associated with Eclipse Che running on port 3333...

PT-2026-37015

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.2.23 through 2026.4.11 Description An issue exists in the execution of busybox and toybox applets where weakened exec approval binding allows attackers to obscure which applet is actually running. By exploiting opaque...