9 matches found
CVE-2026-32059
OpenClaw contains a vulnerability in tools.exec.safeBins for sort: in versions up to 2026.2.22-2, GNU long-option abbreviations could bypass deny checks in allowlist mode, allowing remote actors to execute abbreviated long options without approval. The issue is caused by how long options are vali...
EUVD-2026-11148
OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins validation for sort command fails to properly validate GNU long-option abbreviations, allowing attackers to bypass denied-flag checks via abbreviated options. Remote attackers can execute sort commands with abbreviated long optio...
OpenClaw Security Vulnerability
OpenClaw is an open-source artificial intelligence assistant. Versions of OpenClaw prior to 2026.2.23 had security vulnerabilities. These vulnerabilities stemmed from a flaw in the validation of the sort command by tools.exec.safeBins, which failed to correctly validate GNU long option...
CVE-2026-28363
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations such as --compress-prog in allowlist mode, leading to approval-free execution paths that were intended to require approval. Only an exact string such as --compress-program was...
CVE-2026-28363
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations such as --compress-prog in allowlist mode, leading to approval-free execution paths that were intended to require approval. Only an exact string such as --compress-program was...
CVE-2026-28363
OpenClaw prior to version 2026.2.23 contains a vulnerability in tools.exec.safeBins sort validation that can be bypassed using GNU long-option abbreviations (e.g., --compress-prog) when in allowlist mode. This leads to approval-free execution paths that were intended to require explicit approval,...
CVE-2026-28363
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations such as --compress-prog in allowlist mode, leading to approval-free execution paths that were intended to require approval. Only an exact string such as --compress-program was...
PT-2026-24669
Summary: In OpenClaw, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations in allowlist mode, allowing approval-free execution paths that should require approval. Affected Packages / Versions: Ecosystem: npm; Package: openclaw; Latest published version...
PPP: Information disclosure
Background: PPP is a Unix implementation of the Point-to-Point Protocol. Description: An integer overflow was discovered in the getword function in options.c in PPP. Impact: A local attacker could execute a process with an extremely long options list, possibly obtaining sensitive information. Workaround: There ...