6 matches found
CVE-2026-32909
Rejected reason: This CVE ID has been rejected...
CVE-2026-32909
OpenClaw before 2026.2.19 contains a command-injection vulnerability in tools.exec.safeBins that lets an attacker bypass stdin-only restrictions by using sort output flags or recursive grep flags. This can enable arbitrary file writes via sort -o and recursive file reads via grep -R, bypassing th...
GHSA-GGM6-H3MX-CMMP Duplicate Advisory: safeBins stdin-only bypass via sort output and recursive grep flags
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4685-c5cp-vp95. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allow...
CVE-2026-31996
CVE-2026-31996 affects OpenClaw versions prior to 2026.2.19. The issue is an input validation bypass inside tools.exec.safeBins, allowing an attacker with command execution access to perform unintended filesystem operations by abusing sort output flags (e.g., sort -o) or recursive grep flags (gre...
OpenClaw Operating System Command Injection Vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.19 had a vulnerability related to operating system command injection. This vulnerability stemmed from a flaw in input validation within tools.exec.safeBins, which could allow...
GHSA-4685-C5CP-VP95 OpenClaw safeBins stdin-only bypass via sort output and recursive grep flags
Summary tools.exec.safeBins could be bypassed for filesystem access when sort output flags -o / --output or recursive grep flags were allowed through safe-bin execution paths. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.2.19 - Latest published version at triag...