CVE-2026-29608

MEDIUM

OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting

Title source: cna

Description

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text.

References (3)

[Third Party Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-h3rm-6x7g-882f

[Patch] https://github.com/openclaw/openclaw/commit/dded569626b0d8e7bdab10b5e7528b6caf73a0f1

View Patch ZIP pw:eip

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-approval-integrity-bypass-via-system-run-argv-rewriting

Scores

CVSS v3 6.7

EPSS 0.0002

EPSS Percentile 6.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-88

Status published

Products (3)

npm/openclaw 2026.3.1 - 2026.3.2npm

openclaw/openclaw 2026.3.1

OpenClaw/OpenClaw 2026.3.1 - 2026.3.2

Published Mar 19, 2026

Tracked Since Mar 19, 2026