2 matches found
GHSA-W8RF-7QF8-65WW Duplicate Advisory: OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rw39-5899-8mxp. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that display...
CVE-2026-32971
OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays extracted shell payloads instead of the executed argv. Attackers can place wrapper binaries and induce wrapper-shaped commands to execute local code after operators approve...