131 matches found
EUVD-2026-28195
OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime...
CVE-2026-31992
OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowlisted, attackers can use env -S to bypass policy analysis and execute shell wrapper payloads at...
OpenClaw plugin runtime command execution is part of trusted plugin boundary
Summary: OpenClaw plugins/extensions run in-process and are treated as trusted code. This advisory tracks trust-boundary clarification around plugin runtime command execution (runtime.system.runCommandWithTimeout). Impact: Plugins already execute with the same OS privileges as the OpenClaw process...
NoRoot Firewall - External URLs, Native code usage, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application NoRoot Firewall published at the 'play' market has multiple vulnerabilities...
Hanover - External URLs, Native code usage, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application Hanover published at the 'play' market has multiple vulnerabilities...
MyMoney. Expense Manager - Dynamic Code Loading, External URLs, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application MyMoney. Expense Manager published at the 'play' market has multiple vulnerabilities...
eDAT ACCESS App - External URLs, Native code usage, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application eDAT ACCESS App published at the 'play' market has multiple vulnerabilities...
Boat Tab History Add-on - External URLs, Runtime command execution, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Boat Tab History Add-on published at the 'play' market has multiple vulnerabilities...
Boat Web2PDF Add-on - External URLs, Runtime command execution, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Boat Web2PDF Add-on published at the 'play' market has multiple vulnerabilities...
SMS/MMS Spy Detector - External URLs, Possible privilege escalation, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application SMS/MMS Spy Detector published at the 'play' market has multiple vulnerabilities...
8anawat Arabic - External URLs, Runtime command execution, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application 8anawat Arabic published at the 'play' market has multiple vulnerabilities...
Shark for Root - External URLs, Possible privilege escalation, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application Shark for Root published at the 'play' market has multiple vulnerabilities...
TTL Master - Possible privilege escalation, Runtime command execution, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application TTL Master published at the 'play' market has multiple vulnerabilities...
Vim Touch - Exported components, Native code usage, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application Vim Touch published at the 'play' market has multiple vulnerabilities...
Bash Shell X - Possible privilege escalation, Runtime command execution, Runtime privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application Bash Shell X published at the 'play' market has multiple vulnerabilities...
PL2303 GPSInfo - Exported components, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application PL2303 GPSInfo published at the 'play' market has multiple vulnerabilities...
Intercepter-NG (ROOT) - Possible privilege escalation, Runtime command execution, Runtime privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application Intercepter-NG (ROOT) published at the 'play' market has multiple vulnerabilities...
Belarc Security Advisor - Possible privilege escalation, Runtime command execution, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application Belarc Security Advisor published at the 'play' market has multiple vulnerabilities...
IRCTC Connect - Dynamic Code Loading, External URLs, Runtime command execution vulnerabilities
HackApp vulnerability scanner discovered that application IRCTC Connect published at the 'play' market has multiple vulnerabilities...
PAYplus - Customized SSL, Runtime command execution, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application PAYplus published at the 'play' market has multiple vulnerabilities...