3 matches found
CVE-2026-32065
OpenClaw versions prior to 2026.2.25 contain an approval-integrity bypass vulnerability in system.run where rendered command text is used as approval identity while trimming argv token whitespace, but runtime execution uses raw argv. An attacker can craft a trailing-space executable token to...
GHSA-MXMG-3P7M-2GHR Duplicate Advisory: OpenClaw: system.run approval identity mismatch could execute a different binary than displayed
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwpq-rrpf-pgcq. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.25 contain an approval-integrity bypass vulnerability in system.run where rendered...
GHSA-HWPQ-RRPF-PGCQ OpenClaw: system.run approval identity mismatch could execute a different binary than displayed
Summary system.run approvals in OpenClaw used rendered command text as the approval identity while trimming argv token whitespace. Runtime execution still used raw argv. A crafted trailing-space executable token could therefore execute a different binary than what the approver saw. Affected...