EUVD-2026-12710
GHSA-vmqr-rc7x-3446
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Tags
Description
OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin approval constraints by leveraging the compress-program parameter to execute unauthorized external programs.
Analysis
OpenClaw versions before 2026.2.22 allow local attackers with high privileges to execute arbitrary commands through a safeBins allowlist bypass in the compress-program option, enabling unauthorized external program execution despite security constraints. The vulnerability exploits improper validation of the sort tool configuration to circumvent intended access controls. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 7 days: Identify all affected systems running an allowlist bypass vulnerability in the safeBins configurat and apply vendor patches promptly. Validate that input sanitization is in place for all user-controlled parameters.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today