2 matches found
GHSA-6J27-PC5C-M8W8 OpenClaw's allow-always wrapper persistence could bypass future approvals and enable command execution
Summary In openclaw npm releases up to and including 2026.2.21-2, approving wrapped system.run commands with allow-always in security=allowlist mode could persist wrapper-level allowlist entries and enable later approval-bypass execution of different inner payloads. Affected Packages / Versions -...
GHSA-5F9P-F3W2-FWCH OpenClaw macOS companion app (beta): allowlist parsing mismatch for system.run shell chains
Summary In the macOS companion app currently beta, a parsing mismatch in exec approvals could let shell-chain payloads pass allowlist checks in system.run under specific settings. Impact This path requires all of the following: - authenticated caller with operator.write - paired macOS beta node...