23 matches found
CVE-2026-22217
OpenClaw version 2026.2.22 prior to 2026.2.23 contain an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL environment variable...
OpenClaw 代码问题漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability that is caused by an arbitrary shell execution flaw in the shell environment fallback. An attacker can exploit the vulnerability to execute arbitrary commands on the system...
CVE-2026-22217
OpenClaw version 2026.2.22 prior to 2026.2.23 contains an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL environment variabl...
CVE-2026-22217
OpenClaw version 2026.2.22 prior to 2026.2.23 contain an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL environment variable...
CVE-2026-22217 OpenClaw 2026.2.22 < 2026.2.23 - Arbitrary Binary Execution via $SHELL Environment Variable Trusted Prefix Fallback
OpenClaw version 2026.2.22 prior to 2026.2.23 contains an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL environment variabl...
CVE-2026-22217
OpenClaw Open source npm package openclaw has a CVE-2026-22217 vulnerability: versions 2026.2.22 and earlier allow arbitrary code execution via the shell-env trusted-prefix fallback for the $SHELL variable. An attacker can influence a writable trusted-prefix directory (e.g., /opt/homebrew/bin) to...
GHSA-5H2C-8V84-QPVR OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths
Summary OpenClaw shell-env fallback trusted startup environment values and could execute attacker-influenced login-shell startup paths before loading env keys. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.1.5 and = 2026.2.21-2 - Fixed on main:...
OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths
Summary OpenClaw shell-env fallback trusted startup environment values and could execute attacker-influenced login-shell startup paths before loading env keys. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.1.5 and = 2026.2.21-2 - Fixed on main:...
Unsafe Dependency Resolution
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the shell-env process. An attacker can execute arbitrary binaries with the privileges of the affected process by influencing the $SHELL environment variab...
GHSA-P4WH-CR8M-GM6C OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL
Summary shell-env fallback trusted prefix-based executable paths for $SHELL, allowing execution of attacker-controlled binaries in local/runtime-env influence scenarios. Details In affected versions, shell selection accepted either: 1. a shell listed in /etc/shells, or 2. any executable under...
GHSA-F8MP-VJ46-CQ8V OpenClaw's shell env fallback trusts unvalidated SHELL path from host environment
The shell environment fallback path could invoke an attacker-controlled shell when SHELL was inherited from an untrusted host environment. In affected builds, shell-env loading used $SHELL -l -c 'env -0' without validating that SHELL points to a trusted executable. In threat-model terms, this...
PT-2026-26413
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.22 Description OpenClaw versions prior to 2026.2.22 contain an arbitrary shell execution issue in the shell environment fallback mechanism. This occurs because the software trusts the unvalidated SHELL path fr...
CVE-2026-22708
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...
EUVD-2022-6984
Malicious code in bioql PyPI...
CVE-2024-48919 RCE via Prompt Injection Into Cursor's Terminal Cmd-K
Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an attacker with control over the referenced web...
GHSA-XWF3-6RGV-939R Flux CLI Workload Injection
Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allows other applications to replace the Flux deployment information with arbitrary content which is deployed into the target Kubernetes cluster instead. The vulnerability is due to the...
Flux CLI Workload Injection
Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allows other applications to replace the Flux deployment information with arbitrary content which is deployed into the target Kubernetes cluster instead. The vulnerability is due to the...
CVE-2022-36035
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration like Git repositories, and automating updates to configuration when there is new code to deploy. Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allow...
Path traversal
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration like Git repositories, and automating updates to configuration when there is new code to deploy. Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allow...
CVE-2022-36035 Flux CLI Workload Injection
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration like Git repositories, and automating updates to configuration when there is new code to deploy. Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allow...