Lucene search
+L

134 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/21 12:42 a.m.5 views

CVE-2026-32065

OpenClaw versions prior to 2026.2.25 contain an approval-integrity bypass vulnerability in system.run where rendered command text is used as approval identity while trimming argv token whitespace, but runtime execution uses raw argv. An attacker can craft a trailing-space executable token to...

5.7CVSS6.1AI score0.0029EPSS
Exploits0References4
CVE
CVE
added 2026/03/21 12:42 a.m.15 views

CVE-2026-32065

Summary (concrete): CVE-2026-32065 affects OpenClaw

6.5CVSS6.1AI score0.0029EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/19 3:30 a.m.6 views

EUVD-2026-13016

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References4
OSV
OSV
added 2026/03/19 3:30 a.m.6 views

GHSA-G87J-GM7P-6VW2 Duplicate Advisory: OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h3rm-6x7g-882f. This link is maintained to preserve external references. Original Description OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting...

6.7CVSS6AI score0.0013EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/19 3:30 a.m.10 views

Duplicate Advisory: OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h3rm-6x7g-882f. This link is maintained to preserve external references. Original Description OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting...

6.7CVSS6AI score0.0013EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/03/19 2:16 a.m.13 views

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

6.7CVSS0.0013EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/19 1:0 a.m.4 views

CVE-2026-31997

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

6CVSS6AI score0.00091EPSS
Exploits0References3
OSV
OSV
added 2026/03/19 1:0 a.m.6 views

CVE-2026-31997 OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

4.4CVSS6.9AI score0.00091EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/19 1:0 a.m.6 views

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/19 1:0 a.m.23 views

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval-integrity vulnerability in the system.run node-host path where argv rewriting changes the executed command. The issue allows an attacker to place a local script in the approved working directory and have it run instead of the text shown to the operator, desp...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/19 1:0 a.m.6 views

CVE-2026-29608 OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

5.4CVSS6.9AI score0.0013EPSS
Exploits0References5
OSV
OSV
added 2026/03/03 9:19 p.m.8 views

GHSA-H3RM-6X7G-882F OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

Summary In [email protected], node system.run approval-path hardening rewrote wrapper command argv in a way that changed execution semantics. A command shown/approved as a shell payload for example echo SAFE could execute a different local script when wrapper argv were rewritten. Affected Package...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/03 9:19 p.m.28 views

OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

Summary In [email protected], node system.run approval-path hardening rewrote wrapper command argv in a way that changed execution semantics. A command shown/approved as a shell payload for example echo SAFE could execute a different local script when wrapper argv were rewritten. Affected Package...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/03 7:46 p.m.9 views

GHSA-6RCP-VXWF-3MFP OpenClaw's system.run shell-wrapper positional argv carriers could execute hidden commands under misleading approval text

Summary In openclaw up to and including 2026.2.23 latest npm release as of February 25, 2026, system.run shell-wrapper inputs could present misleading approval/display text while still carrying hidden positional argv payloads that execute at runtime. Affected Packages / Versions - Package: opencl...

5.8CVSS6.1AI score0.00911EPSS
Exploits0References6
OSV
OSV
added 2026/03/03 7:18 p.m.20 views

GHSA-MWCG-WFQ3-4GJC OpenClaw's system.run approval TOCTOU via mutable symlink cwd target on node host

Summary In [email protected], approval-bound system.run on node hosts could be influenced by mutable symlink cwd targets between approval and execution. Details Approval matching on the gateway validated command/argv and binding fields, including cwd, as provided text. Node execution later used...

5.8CVSS6.1AI score0.00099EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/03 7:18 p.m.12 views

OpenClaw's system.run approval TOCTOU via mutable symlink cwd target on node host

Summary In [email protected], approval-bound system.run on node hosts could be influenced by mutable symlink cwd targets between approval and execution. Details Approval matching on the gateway validated command/argv and binding fields, including cwd, as provided text. Node execution later used...

7CVSS6.1AI score0.00099EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.12 views

PT-2026-26228

Summary In [email protected], node system.run approval-path hardening rewrote wrapper command argv in a way that changed execution semantics. A command shown/approved as a shell payload for example echo SAFE could execute a different local script when wrapper argv were rewritten. Affected Package...

6.7CVSS6.1AI score0.0013EPSS
Exploits0References9
OSV
OSV
added 2026/03/02 11:33 p.m.8 views

GHSA-HWPQ-RRPF-PGCQ OpenClaw: system.run approval identity mismatch could execute a different binary than displayed

Summary system.run approvals in OpenClaw used rendered command text as the approval identity while trimming argv token whitespace. Runtime execution still used raw argv. A crafted trailing-space executable token could therefore execute a different binary than what the approver saw. Affected...

5.7CVSS6.2AI score0.0029EPSS
Exploits0References5
OSV
OSV
added 2026/02/19 10:6 p.m.5 views

GHSA-6C9J-X93C-RW6J OpenClaw safeBins file-existence oracle information disclosure

An information disclosure vulnerability in OpenClaw's tools.exec.safeBins approval flow allowed a file-existence oracle. When safe-bin validation examined candidate file paths, command allow/deny behavior could differ based on whether a path already existed on the host filesystem. An attacker cou...

4.3CVSS6.1AI score0.00133EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/18 12:50 a.m.7 views

Command Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via the exec-approvals allowlist, when shell expansion is performed on argv tokens. An attacker can access sensitive files by supplying crafted arguments that leverage...

8.6CVSS5.7AI score0.00167EPSS
Exploits0References2
Rows per page
Query Builder