Lucene search

5 matches found

ATTACKERKB
added 2026/03/11 1:32 p.m. | 1 view

CVE-2026-32059

OpenClaw version 2026.2.22-2 prior to 2026.2.23 tools.exec.safeBins validation for sort command fails to properly validate GNU long-option abbreviations, allowing attackers to bypass denied-flag checks via abbreviated options. Remote attackers can execute sort commands with abbreviated long optio...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00085
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/03/03 9:41 p.m. | 0 views

GHSA-3C6H-G97W-FG78 OpenClaw's tools.exec.safeBins sort long-option abbreviation bypass can skip exec approval in allowlist mode

Summary In OpenClaw, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations in allowlist mode, allowing approval-free execution paths that should require approval. Affected Packages / Versions - Ecosystem: npm - Package: openclaw - Latest published version...

CVSS: 8.8 | AI score: 6.1 | EPSS: 0.00085
Exploits: 0 | References: 5
RedhatCVE
added 2025/05/21 9:44 p.m. | 5 views

CVE-2005-1847

Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the (1) rename or (2) sort options...

CVSS: 7.5 | AI score: 8 | EPSS: 0.01329
Exploits: 0 | References: 1
SUSE CVE
added 2023/02/15 6:18 a.m. | 2 views

SUSE CVE-2005-1846

Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options...

CVSS: 5 | AI score: 7.2 | EPSS: 0.00378
Exploits: 1 | References: 3
SUSE CVE
added 2023/02/15 6:18 a.m. | 2 views

SUSE CVE-2005-1847

Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the (1) rename or (2) sort options...

CVSS: 7.5 | AI score: 8.2 | EPSS: 0.01329
Exploits: 0 | References: 3