CVE-2026-31993
Severity: MEDIUM
OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains
Title source: cna
Description
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass incomplete allowlist validation and execute arbitrary commands on the paired host.
References (4)
Third Party Advisory
GitHub Security Advisory (GHSA-5f9p-f3w2-fwch)
https://github.com/openclaw/openclaw/security/advisories/GHSA-5f9p-f3w2-fwch
Patch Commit
https://github.com/openclaw/openclaw/commit/5da03e622119fa012285cdb590fcf4264c965cb5
Patch Commit
https://github.com/openclaw/openclaw/commit/e371da38aab99521c4e076cd3d95fd775e00b784
Third Party Advisory
VulnCheck Advisory: OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains
https://www.vulncheck.com/advisories/openclaw-allowlist-parsing-mismatch-in-system-run-shell-chains
Scores
CVSS v3
4.8
EPSS
0.0029
EPSS Percentile
20.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-184
Status
published
Products (3)
npm/openclaw
0 - 2026.2.22 (npm)
OpenClaw/OpenClaw
< 2026.2.22
openclaw/openclaw
< 2026.2.22
Published
Mar 19, 2026
Tracked Since
Mar 19, 2026