Lucene search
K

21 matches found

Vulnrichment
Vulnrichment
added 2026/04/10 4:3 p.m.3 views

CVE-2026-35666 OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper

OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using an unregistered time wrapper to reuse approval state for inner commands...

8.8CVSS5.8AI score0.00374EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/10 4:3 p.m.5 views

EUVD-2026-21478

OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using an unregistered time wrapper to reuse approval state for inner commands...

8.8CVSS5.8AI score0.00374EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.4 views

CVE-2026-35666

OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using an unregistered time wrapper to reuse approval state for inner commands...

8.8CVSS5.8AI score0.00374EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-31977

OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using an unregistered time wrapper to reuse approval state for inner commands...

8.8CVSS5.8AI score0.00374EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/31 1:40 p.m.4 views

Interpretation Conflict

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Interpretation Conflict in the system.run approval process. An attacker can execute unintended local code by crafting wrapper binaries and inducing operators to approve misleading command...

8CVSS6AI score0.00272EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/31 12:31 p.m.10 views

Duplicate Advisory: OpenClaw: Node-host approvals could show misleading shell payloads instead of the executed argv

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rw39-5899-8mxp. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that display...

8CVSS6AI score0.00272EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-31997

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

6.7CVSS6AI score0.00091EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 3:30 a.m.4 views

GHSA-Q86M-697P-H7FH Duplicate Advisory: OpenClaw: system.run approvals did not bind PATH-token executable identity, enabling post-approval executable rebind

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q399-23r3-hfx4. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run...

6CVSS5.9AI score0.00091EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/19 3:30 a.m.8 views

Duplicate Advisory: OpenClaw: system.run approvals did not bind PATH-token executable identity, enabling post-approval executable rebind

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q399-23r3-hfx4. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run...

6.7CVSS5.9AI score0.00091EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/19 1:0 a.m.11 views

CVE-2026-31997

CVE-2026-31997 : OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv[0] tokens in system.run approvals. This allows post-approval PATH resolution changes to rebind to a different executable, enabling arbitrary command execution. Affected: OpenClaw before 202...

6.7CVSS6AI score0.00091EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/19 1:0 a.m.10 views

EUVD-2026-13033

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

6.7CVSS6AI score0.00091EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/19 1:0 a.m.20 views

CVE-2026-31997 OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

6CVSS0.00091EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 1:0 a.m.6 views

CVE-2026-31997 OpenClaw < 2026.3.1 - Executable Rebind via Unbound PATH-token in system.run Approvals

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

6CVSS6AI score0.00091EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 1:0 a.m.4 views

CVE-2026-31997

OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv0 tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PATH resolution after approval to execute a different binary than the operator approved, enabling...

6CVSS6AI score0.00091EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/13 3:48 p.m.8 views

OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity

Summary In affected versions of openclaw, node-host system.run approvals did not bind a mutable file operand for some script runners, including forms such as tsx and jiti. An attacker could obtain approval for a benign script-runner command, rewrite the referenced script on disk, and have the...

9.4CVSS6.3AI score0.00179EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/13 3:47 p.m.3 views

GHSA-XF99-J42Q-5W5P OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity

Summary In affected versions of openclaw, node-host system.run approvals could still execute rewritten local code for interpreter and runtime commands when OpenClaw could not bind exactly one concrete local file operand during approval planning. Impact Deployments using node-host system.run...

7.3CVSS6.2AI score0.00132EPSS
Exploits0References5
OSV
OSV
added 2026/03/12 2:21 p.m.4 views

GHSA-8G75-Q649-6PV6 OpenClaw's system.run approvals did not bind mutable script operands across approval and execution

OpenClaw's system.run approval flow did not bind mutable interpreter-style script operands across approval and execution. A caller could obtain approval for an execution such as sh ./script.sh, rewrite the approved script before execution, and then execute different content under the previously...

6.3CVSS6.2AI score0.002EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/02 11:33 p.m.4 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the system.run approvals. An attacker can cause execution of an unintended binary by crafting a command with a trailing-space in the executable token and...

8.8CVSS6.1AI score0.0029EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/02 11:33 p.m.15 views

OpenClaw: system.run approval identity mismatch could execute a different binary than displayed

Summary system.run approvals in OpenClaw used rendered command text as the approval identity while trimming argv token whitespace. Runtime execution still used raw argv. A crafted trailing-space executable token could therefore execute a different binary than what the approver saw. Affected...

6.5CVSS6.2AI score0.0029EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/02 10:3 p.m.5 views

GHSA-Q399-23R3-HFX4 OpenClaw: system.run approvals did not bind PATH-token executable identity, enabling post-approval executable rebind

Summary For host=node runs, approvals validated command context but did not pin executable identity for non-path-like argv0 tokens for example tr. If PATH resolution changed after approval, execution could run a different binary. Impact A previously approved action could execute a different...

8.7CVSS6.2AI score0.00091EPSS
Exploits0References4
Rows per page
Query Builder