4 matches found
GHSA-F397-5VJW-V2C2 OpenClaw: Shell inline-command parsing could miss an allowlist check
Summary Shell inline-command parsing could miss an allowlist check. In affected versions, a command request using shell inline-command forms could route an inline command through a parser case that did not receive the expected allowlist decision. This advisory is scoped to the named feature and...
CVE-2026-53866
OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using shell inline-command forms could route through a parser case missing the expected allowlist decision,...
CVE-2026-53866
OpenClaw vulnerable before version 2026.5.12 due to an allowlist bypass in shell inline-command parsing. Affected: authenticated operators could cause unapproved commands to execute because a parser case omits the expected allowlist decision. The issue is tied to the shell inline-command handling...
PT-2026-49783
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.12 Description An allowlist bypass exists in shell inline-command parsing. A command request using shell inline-command forms can route through a parser case that misses the expected allowlist decision, allowi...