CVE-2026-27566

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while...

CVE-2026-31992

OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowlisted, attackers can use env -S to bypass policy analysis and execute shell wrapper payloads at...

CVE-2026-28455

Rejected reason: This CVE ID has been rejected...

GHSA-3846-MFVC-XWPF Duplicate Advisory: Exec allowlist wrapper analysis did not unwrap env/shell dispatch chains

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jj82-76v6-933r. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails...

EUVD-2026-13007

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while...

GHSA-796M-2973-WC5Q OpenClaw has exec allowlist/safeBins policy-runtime mismatch via env -S wrapper interpretation

Summary tools.exec allowlist/safe-bins evaluation could diverge from runtime execution for wrapper commands using GNU env -S/--split-string semantics. This allowed policy checks to treat a command as a benign safe-bin invocation while runtime executed a different payload. Affected Packages /...