macOS
CVE-2026-32016
HIGH
Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo without approval when security=allowlist and ask=on-miss are configured, bypassing intended path-based policy restrictions.
AnalysisAI
OpenClaw prior to version 2026.2.22 on macOS allows local attackers with user-level privileges to execute unauthorized binaries by bypassing path validation in the exec-approval allowlist mode through basename-only entries. An attacker can execute same-named local binaries without approval when the security allowlist policy is enabled, circumventing intended path-based restrictions. A patch is not currently available.
Technical ContextAI
OpenClaw is a security tool that provides execution approval mechanisms for binaries on macOS systems. The vulnerability stems from CWE-426 (Untrusted Search Path), where the application fails to properly validate the full path of executables when matching against allowlist entries that contain only basenames. When configured in allowlist mode with ask=on-miss enabled, the application incorrectly matches executables based solely on their basename rather than their full path, allowing attackers to execute local binaries with the same name as allowed system binaries. This path traversal weakness undermines the intended security model of path-based execution policies.
RemediationAI
Upgrade OpenClaw to version 2026.2.22 or later, which contains the fix implemented in commit dd41fadcaf58fd9deb963d6e163c56161e7b35dd (https://github.com/openclaw/openclaw/commit/dd41fadcaf58fd9deb963d6e163c56161e7b35dd). Until patching is possible, review and update allowlist configurations to use full paths instead of basename-only entries, and consider temporarily disabling the ask=on-miss feature if security requirements permit. Organizations should audit their OpenClaw configurations to identify systems using the vulnerable allowlist mode and prioritize updates based on the sensitivity of the protected systems.
An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility develope
A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability
Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CV
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev)
A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authent
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen
A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no auth
This issue was addressed with improved checks. Rated critical severity (CVSS 10.0), this vulnerability is remotely explo
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data t
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the
Same weakness CWE-426 – Untrusted Search Path
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-7f4q-9rqh-x36p