Untrusted Search Path
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Untrusted Search Path via tools.exec.safeBins. An attacker can execute arbitrary commands by placing a malicious binary with the same name as a trusted binary in a PATH-derived directory...