CVE-2026-27183

MEDIUM

OpenClaw < 2026.3.7 - Shell Approval Gating Bypass via Dispatch Wrapper Depth Mismatch

Title source: cna

Description

OpenClaw versions prior to 2026.3.7 contain a shell approval gating bypass vulnerability in system.run dispatch-wrapper handling that allows attackers to skip shell wrapper approval requirements. The approval classifier and execution planner apply different depth-boundary rules, permitting exactly four transparent dispatch wrappers like repeated env invocations before /bin/sh -c to bypass security=allowlist approval gating by misaligning classification with execution planning.

References (3)

[Third Party Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-r6qf-8968-wj9q

[Patch] https://github.com/openclaw/openclaw/commit/2fc95a7cfc1eb9306356510b0251b6d51fb1c0b0

View Patch ZIP pw:eip

[Third Party Advisory] https://vulncheck.com/advisories/openclaw-mar-shell-approval-gating-bypass-via-dispatch-wrapper-depth-mismatch

Scores

CVSS v3 5.3

EPSS 0.0001

EPSS Percentile 2.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-863

Status published

Products (4)

npm/openclaw 0 - 2026.3.7npm

OpenClaw/OpenClaw < 2026.3.7

openclaw/openclaw < 2026.3.7

OpenClaw/OpenClaw 2026.3.7

Published Mar 23, 2026

Tracked Since Mar 24, 2026