CVE-2026-32015

HIGH

OpenClaw 2026.1.21 < 2026.2.19 - PATH Hijacking Bypass in tools.exec.safeBins Allowlist Validation

Title source: cna

Description

OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a path hijacking vulnerability in tools.exec.safeBins that allows attackers to bypass allowlist checks by controlling process PATH resolution. Attackers who can influence the gateway process PATH or launch environment can execute trojan binaries with allowlisted names, such as jq, circumventing executable validation controls.

References (3)

[Third Party Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-g75x-8qqm-2vxp

[Patch] https://github.com/openclaw/openclaw/commit/28bac46c92069dc728524fbf383024c1b64e5c23

View Patch ZIP pw:eip

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-path-hijacking-bypass-in-tools-exec-safebins-allowlist-validation

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 3.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-426

Status published

Products (4)

npm/openclaw 2026.1.21 - 2026.2.19npm

OpenClaw/OpenClaw 2026.1.21 - 2026.2.19

openclaw/openclaw 2026.1.21 - 2026.2.19

OpenClaw/OpenClaw 2026.2.19

Published Mar 19, 2026

Tracked Since Mar 20, 2026