Moderate severity · NVD Advisory · Published Mar 18, 2026 · Updated Mar 18, 2026
OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers
CVE-2026-22175
Description
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads under the same multiplexer wrapper to satisfy stored allowlist rules, bypassing intended execution restrictions.
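The following is an added example, not OpenClaw's code: a simplified model of an allow-always check, showing a rule keyed on the wrapper binary beside one that unwraps busybox/toybox and `sh -c` before matching. All function names, the grant format and the sample commands are assumptions made for illustration.

```javascript
// Simplified allowlist model. Hypothetical names; not OpenClaw's implementation.
const SHELLS = new Set(["sh", "ash", "bash", "dash", "zsh"]);
const MULTIPLEXERS = new Set(["busybox", "toybox"]); // one binary, many applets

const basename = (p) => p.split("/").pop();

// Weak: the grant is keyed on the outer executable only, so approving one
// wrapped command approves every later payload run under the same wrapper.
function weakKey(argv) {
  return basename(argv[0]);
}

// Hardened: peel multiplexer and "sh -c" layers and key on the inner payload.
// Returns null when a wrapper cannot be unwrapped, so the caller fails closed.
function hardenedKey(argv, depth = 0) {
  if (depth > 4 || argv.length === 0) return null;
  const exe = basename(argv[0]);
  if (MULTIPLEXERS.has(exe)) {
    return argv.length > 1 ? hardenedKey(argv.slice(1), depth + 1) : null;
  }
  if (SHELLS.has(exe)) {
    const i = argv.indexOf("-c");
    if (i === -1 || i + 1 >= argv.length) return null;
    return "sh-c:" + argv[i + 1].trim(); // bind the grant to this exact payload
  }
  return exe;
}

function isAllowed(argv, grants, keyFn) {
  const key = keyFn(argv);
  return key !== null && grants.has(key);
}

// Constructed sample: the user chose "allow always" for the first command only.
const approved = ["busybox", "sh", "-c", "ls /tmp"];
const later = ["busybox", "sh", "-c", "cat /etc/hostname"];

function demo() {
  const weakGrants = new Set([weakKey(approved)]);
  const hardGrants = new Set([hardenedKey(approved)]);
  return {
    weakAllowsLater: isAllowed(later, weakGrants, weakKey),
    hardAllowsLater: isAllowed(later, hardGrants, hardenedKey),
    hardAllowsApproved: isAllowed(approved, hardGrants, hardenedKey),
  };
}
console.log(demo());
```

In this model the weak key lets the second, never-approved command through, while the hardened key allows only the payload that was actually approved and returns null (prompt again) for a wrapper it cannot unwrap.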
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| openclaw (npm) | < 2026.2.23 | 2026.2.23 |
References
- github.com/openclaw/openclaw/commit/a67689a7e3ad494b6637c76235a664322d526f9e (ghsa, patch, WEB)
- github.com/advisories/GHSA-gwqp-86q6-w47g (ghsa, ADVISORY)
- github.com/openclaw/openclaw/security/advisories/GHSA-gwqp-86q6-w47g (ghsa, third-party-advisory, WEB)
- www.vulncheck.com/advisories/openclaw-exec-approval-bypass-via-unrecognized-multiplexer-shell-wrappers (mitre, third-party-advisory)