Lucene search
K

27 matches found

OSV
OSV
added 2026/07/02 4:5 p.m.7 views

GHSA-MHQ8-78PJ-5J79 OpenClaw's POSIX node system.run safe-bin allowlist could be widened by shell expansion

Summary On POSIX nodes, OpenClaw's system.run safe-bin checks could approve a command before shell expansion changed how the command was interpreted. A value that appeared to be a safe-bin argument could expand into additional shell words and become a file operand. This issue is limited to paired...

7.1CVSS6.1AI score0.00191EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/12 11:9 p.m.11 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition via the system.run safe-bin allowlist validation. An attacker can access arbitrary files and expose sensitive configuration data by injecti...

8.3CVSS5.5AI score0.00191EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 9:56 p.m.9 views

CVE-2026-53831 OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansion in system.run Safe-bin Allowlist

OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-loca...

8.3CVSS5.3AI score0.00191EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:56 p.m.25 views

CVE-2026-53831

OpenClaw

8.3CVSS5.3AI score0.00191EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/12 9:56 p.m.30 views

CVE-2026-53831 OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansion in system.run Safe-bin Allowlist

OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-loca...

8.3CVSS0.00191EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-49035

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description A policy enforcement issue exists in the system.run safe-bin allowlist validation on POSIX nodes. This flaw allows shell expansion to modify how commands are interpreted. Authenticated operators...

8.3CVSS5.2AI score0.00191EPSS
Exploits0References7
NVD
NVD
added 2026/04/28 12:16 a.m.5 views

CVE-2026-41368

OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted...

7.1CVSS0.00238EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/27 11:24 p.m.7 views

EUVD-2026-25948

OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted...

7.1CVSS5.2AI score0.00238EPSS
Exploits0References2
CVE
CVE
added 2026/04/27 11:24 p.m.16 views

CVE-2026-41368

CVE-2026-41368 affects OpenClaw prior to 2026.3.28. The issue is an environment variable disclosure via the jq safe-bin policy, where the $ENV filter is not blocked, allowing access to sensitive environment variables. Affected: OpenClaw versions before 2026.3.28. Impact: exposure of confidential ...

7.1CVSS5.2AI score0.00238EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/27 11:24 p.m.5 views

CVE-2026-41368

OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted...

7.1CVSS5.2AI score0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/27 11:24 p.m.32 views

CVE-2026-41368 OpenClaw < 2026.3.28 - Environment Variable Disclosure via jq $ENV Filter Bypass

OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted...

7.1CVSS0.00238EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35556

OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can bypass safe-bin restrictions by using $ENV in jq programs to access sensitive environment variables that should be restricted...

7.1CVSS5.2AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2026/03/31 11:56 p.m.5 views

GHSA-JCCR-RRW2-VC8H OpenClaw safeBins jq `$ENV` filter bypass allows environment variable disclosure

Summary The jq safe-bin policy blocked explicit env usage but still allowed jq programs that accessed environment data through $ENV. Impact An operator-approved safe-bin jq command could disclose environment variables that the safe-bin policy was supposed to keep out of scope. Affected Component...

7.7CVSS5.8AI score0.00238EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32010

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator approval in allowlist...

8.8CVSS6.1AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2026/03/19 10:16 p.m.11 views

CVE-2026-32010

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator approval in allowlist...

8.8CVSS0.00286EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/19 10:6 p.m.3 views

CVE-2026-32010

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator approval in allowlist...

6.3CVSS6AI score0.00286EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/19 10:6 p.m.14 views

EUVD-2026-13271

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator approval in allowlist...

6.3CVSS6AI score0.00286EPSS
Exploits0References3
OSV
OSV
added 2026/03/19 10:6 p.m.5 views

CVE-2026-32010 OpenClaw < 2026.2.22 - Allowlist Bypass via sort --compress-program Parameter

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator approval in allowlist...

5.8CVSS6.2AI score0.00286EPSS
Exploits0References5
CVE
CVE
added 2026/03/19 10:6 p.m.21 views

CVE-2026-32010

OpenClaw is affected in versions prior to 2026.2.22. The root cause is an allowlist bypass in the safe-bin configuration: if sort is manually added to tools.exec.safeBins, using sort --compress-program can cause the allowlist check to be satisfied and execute an arbitrary external program without...

8.8CVSS6AI score0.00286EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/05 10:0 p.m.25 views

CVE-2026-29610

OpenClaw CVE-2026-29610 affects versions prior to 2026.2.14. It describes a command hijacking flaw where PATH manipulation during node-host execution or project-local bootstrapping allows placing malicious executables to override allowlisted safe-bin commands, leading to arbitrary command executi...

8.8CVSS6.3AI score0.00465EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder