OpenClaw: Unauthorized Executable Run After Approved Action
GHSA-q399-23r3-hfx4
Summary
OpenClaw's system.run approvals don't always lock in the intended executable, allowing a different binary to run if the system's PATH changes after approval. This means a previously approved action might not do what the operator thought it would. You should update to version 2026.3.1 or later to fix this issue.
What to do
- Update openclaw to version 2026.3.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.3.1 | 2026.3.1 |
Original title
OpenClaw: system.run approvals did not bind PATH-token executable identity, enabling post-approval executable rebind
Original description
### Summary
For `host=node` runs, approvals validated command context but did not pin executable identity for non-path-like `argv[0]` tokens (for example `tr`). If PATH resolution changed after approval, execution could run a different binary.
### Impact
A previously approved action could execute a different executable than the operator approved.
### Fix
Node `system.run` approvals now require immutable `systemRunPlan` data, and path-token commands are pinned to canonical executable identity (`realpath`) across approval and execution.
### Affected and Patched Versions
- Affected: `<= 2026.2.26`
- Patched: `2026.3.1`
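The mitigation described under Fix, shown as an added illustration in Python (this is hypothetical example code, not OpenClaw's implementation): a non-path-like `argv[0]` token is resolved at approval time, its canonical path (`realpath`) is recorded in an immutable plan, and execution is refused if re-resolution under the current PATH points at a different binary. The names `SystemRunPlan` fields, `approve` and `check_before_exec` are assumptions made for the example.

```python
import os
import shutil
import tempfile
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class SystemRunPlan:
    """Immutable record of the approved command. For a PATH-resolved argv[0],
    pinned_executable holds the realpath of the binary found at approval time."""
    argv: Tuple[str, ...]
    pinned_executable: Optional[str]


def is_path_like(token: str) -> bool:
    """A token containing a separator or starting with '.' names a file directly."""
    return os.sep in token or token.startswith(".")


def resolve_executable(token: str, path: str) -> Optional[str]:
    """Resolve a bare command token under the given PATH to its canonical file."""
    found = shutil.which(token, path=path)
    return os.path.realpath(found) if found else None


def approve(argv, path: str) -> SystemRunPlan:
    """Approval step: bind the executable identity, not just the argv text."""
    pinned = None
    if not is_path_like(argv[0]):
        pinned = resolve_executable(argv[0], path)
        if pinned is None:
            raise ValueError(f"cannot approve: {argv[0]!r} not found on PATH")
    return SystemRunPlan(argv=tuple(argv), pinned_executable=pinned)


def check_before_exec(plan: SystemRunPlan, path: str) -> bool:
    """Execution step: re-resolve and accept only the exact approved binary."""
    if plan.pinned_executable is None:
        return True  # path-like argv[0]: the path itself is the identity
    return resolve_executable(plan.argv[0], path) == plan.pinned_executable


def demo() -> Tuple[bool, bool]:
    """Constructed scenario: two directories each holding a 'tr' stub script.
    Returns (check with the approval-time PATH, check after PATH was rebound)."""
    with tempfile.TemporaryDirectory() as base:
        dirs = [os.path.join(base, d) for d in ("trusted", "swapped")]
        for d in dirs:
            os.mkdir(d)
            exe = os.path.join(d, "tr")
            with open(exe, "w") as f:
                f.write("#!/bin/sh\necho stub\n")
            os.chmod(exe, 0o755)
        plan = approve(["tr", "a-z", "A-Z"], path=dirs[0])
        return check_before_exec(plan, dirs[0]), check_before_exec(plan, dirs[1])
```

`demo()` returns `(True, False)`: the same PATH still resolves to the pinned binary, while the rebound PATH resolves to a different file and is rejected.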
CVSS 4.0 (GHSA): 8.7
Vulnerability type
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
- CWE-426: Untrusted Search Path
Published: 2 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026