Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
OpenClaw Approval Bypass Using Shell Wrappers
GHSA-gwqp-86q6-w47g
CVE-2026-22175
Summary
OpenClaw's approval system can be tricked into allowing unauthorized access. If an attacker uses a specific type of shell wrapper, they can bypass the approval process, even if they shouldn't be allowed. This issue has been fixed in version 2026.2.23 of OpenClaw. If you're using a version earlier than 2026.2.23, update to the latest version to ensure your system is secure.
What to do
- Update steipete openclaw to version 2026.2.23.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| steipete | openclaw | <= 2026.2.23 | 2026.2.23 |
Original title
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers ...
Original description
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads under the same multiplexer wrapper to satisfy stored allowlist rules, bypassing intended execution restrictions.
osv CVSS4.0
7.8
Vulnerability type
CWE-184
Published: 18 Mar 2026 · Updated: 18 Mar 2026 · First seen: 18 Mar 2026