CVE-2026-22175

HIGH

OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers

Title source: cna

Description

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads under the same multiplexer wrapper to satisfy stored allowlist rules, bypassing intended execution restrictions.

References (3)

[Third Party Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-gwqp-86q6-w47g

[Patch] https://github.com/openclaw/openclaw/commit/a67689a7e3ad494b6637c76235a664322d526f9e

View Patch ZIP pw:eip

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-exec-approval-bypass-via-unrecognized-multiplexer-shell-wrappers

Scores

CVSS v3 7.1

EPSS 0.0003

EPSS Percentile 8.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-184

Status published

Products (4)

npm/openclaw 0 - 2026.2.23npm

OpenClaw/OpenClaw < 2026.2.23

openclaw/openclaw < 2026.2.23

OpenClaw/OpenClaw 2026.2.23

Published Mar 18, 2026

Tracked Since Mar 18, 2026