GHSA-H36M-2VH5-X699 Duplicate Advisory: ACPX Windows wrapper shell fallback allowed cwd injection in specific paths

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6f6j-wx9w-ff4j. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability ...

Duplicate Advisory: allowlist exec-guard bypass via env -S

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-48wf-g7cp-gr3m. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows...

Duplicate Advisory: OpenClaw's allow-always wrapper persistence could bypass future approvals and enable command execution

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6j27-pc5c-m8w8. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistenc...

Duplicate Advisory: ACPX Windows wrapper shell fallback allowed cwd injection in specific paths

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6f6j-wx9w-ff4j. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability ...

GHSA-3846-MFVC-XWPF Duplicate Advisory: Exec allowlist wrapper analysis did not unwrap env/shell dispatch chains

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jj82-76v6-933r. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails...

CVE-2026-31999

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

CVE-2026-31999

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

CVE-2026-29607

OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allowlist entries instead of validating inner executable intent. Remote attackers can approve benign...

CVE-2026-27566

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while...

CVE-2026-27566

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while...

CVE-2026-31999 OpenClaw 2026.2.26 < 2026.3.1 - Current Working Directory Injection via Windows Wrapper Resolution Fallback

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

EUVD-2026-13037

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

CVE-2026-31999

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

CVE-2026-31999 OpenClaw 2026.2.26 < 2026.3.1 - Current Working Directory Injection via Windows Wrapper Resolution Fallback

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

CVE-2026-31999

OpenClaw 2026.2.26 on Windows is affected by a current working directory (cwd) injection in wrapper resolution for .cmd/.bat files, prior to 2026.3.1. The vulnerability allows manipulation of the cwd during wrapper resolution to influence execution behavior, with potential command execution integ...

CVE-2026-31992 OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S

OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowlisted, attackers can use env -S to bypass policy analysis and execute shell wrapper payloads at...

CVE-2026-31992

OpenClaw versions prior to 2026.2.23 contain an allowlist bypass in system.run guardrails. If /usr/bin/env is allowlisted, an authenticated operator can use env -S to bypass policy analysis and execute shell wrapper payloads at runtime, enabling command execution with low privileges and potential...

CVE-2026-29607 OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence

OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allowlist entries instead of validating inner executable intent. Remote attackers can approve benign...

CVE-2026-29607

OpenClaw vulnerability CVE-2026-29607 affects OpenClaw versions prior to 2026.2.22. The flaw is an authorization bypass in the allow-always wrapper persistence, letting an attacker bypass approval checks by persisting wrapper-level allowlist entries instead of validating the inner executable inte...

CVE-2026-29607 OpenClaw < 2026.2.22 - Authorization Bypass via allow-always Wrapper Persistence

OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allowlist entries instead of validating inner executable intent. Remote attackers can approve benign...