OpenClaw allows unauthorized execution of certain commands
Severity score: 8.8

CVE-2026-28363 GHSA-7977-c43c-xpwj GHSA-3c6h-g97w-fg78
Summary

A bug in OpenClaw's safe-bin handling can allow certain commands to run without approval, which could lead to security issues. This bug is fixed in version 2026.2.23, so users should update to this version or later. If you're using an affected version, review your safe-bin settings to ensure they align with your security policies.

What to do
  • Update steipete openclaw to version 2026.2.23.
Affected software

| Vendor   | Product  | Affected versions | Fix available |
|----------|----------|-------------------|---------------|
| steipete | openclaw | <= 2026.2.23      | 2026.2.23     |
| openclaw | openclaw | <= 2026.2.23      | –             |
Original title
OpenClaw's tools.exec.safeBins sort long-option abbreviation bypass can skip exec approval in allowlist mode
Original description
### Summary
In OpenClaw, `tools.exec.safeBins` validation for `sort` could be bypassed via GNU long-option abbreviations in allowlist mode, allowing approval-free execution paths that should require approval.

### Affected Packages / Versions
- Ecosystem: npm
- Package: `openclaw`
- Latest published version checked: `2026.2.22-2`
- Affected range: `<= 2026.2.22-2`
- Fixed version: `2026.2.23`

### Impact
When all of the following are true:
- `tools.exec.security=allowlist`
- `tools.exec.ask=on-miss`
- `tools.exec.safeBins` includes `sort`

abbreviated GNU long options (for example `--compress-prog`) could bypass denied-flag checks and be treated as allowlist-satisfied safe-bin usage, skipping approval.

### Root Cause
Long-option handling matched denied flags by exact string and accepted unknown long options with inline values instead of failing closed.

### Fix Commit(s)
- `3b8e33037ae2e12af7beb56fcf0346f1f8cbde6f`

### Release Process Note
`patched_versions` is pre-set to the released version (`2026.2.23`). This advisory now reflects released fix version `2026.2.23`.

OpenClaw thanks @tdjackey for reporting.
NVD CVSS 3.1 score: 8.8
Vulnerability type
CWE-184 Incomplete List of Disallowed Inputs
CWE-863 Incorrect Authorization
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026