CVE-2026-31993

MEDIUM

OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains

Title source: cna

Description

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass incomplete allowlist validation and execute arbitrary commands on the paired host.

References (4)

[Third Party Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-5f9p-f3w2-fwch

[Patch] https://github.com/openclaw/openclaw/commit/5da03e622119fa012285cdb590fcf4264c965cb5

[Patch] https://github.com/openclaw/openclaw/commit/e371da38aab99521c4e076cd3d95fd775e00b784

View Patch ZIP pw:eip

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-allowlist-parsing-mismatch-in-system-run-shell-chains

Scores

CVSS v3 4.8

EPSS 0.0007

EPSS Percentile 21.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L

Details

CWE

CWE-184

Status published

Products (3)

npm/openclaw 0 - 2026.2.22npm

OpenClaw/OpenClaw < 2026.2.22

openclaw/openclaw < 2026.2.22

Published Mar 19, 2026

Tracked Since Mar 19, 2026