OpenClaw: External Helper Can Bypass Safe-Bin Approval

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.4

OpenClaw: External Helper Can Bypass Safe-Bin Approval

GHSA-vmqr-rc7x-3446

Summary

If you use OpenClaw, be aware that a recent version has a security issue. An attacker could use the `--compress-program` option to bypass the security checks that are meant to prevent malicious code from running. To fix this, upgrade to version 2026.2.22 or later once it's available.

What to do

Update openclaw to version 2026.2.22.

Affected software

Vendor	Product	Affected versions	Fix available
–	openclaw	<= 2026.2.22	2026.2.22

Original title

OpenClaw's non-default safeBins sort configuration can bypass intended allowlist approval constraints

Original description

When `sort` is explicitly added to `tools.exec.safeBins` (non-default), the `--compress-program` option can invoke an external helper and bypass the intended safe-bin approval constraints in allowlist mode.

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Vulnerable versions: `<=2026.2.21-2`
- Latest published npm version checked during triage: `2026.2.21-2` (as of February 22, 2026)
- Patched in planned next release: `2026.2.22`

## Fix Commit(s)

- `57fbbaebca4d34d17549accf6092ae26eb7b605c`

## Release Process Note

`patched_versions` is pre-set to the planned next release (`>=2026.2.22`). Once that npm release is published, the advisory can be published directly.

OpenClaw thanks @tdjackey for reporting.

ghsa CVSS3.1 6.4

Vulnerability type

CWE-15

CWE-78 OS Command Injection

Published: 3 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026