OpenClaw Tools.exec.safeBins Validation Bypass Vulnerability Allowing Approval-Free Execution

Vulnerability

A vulnerability in OpenClaw versions through 2026.2.22-2 allows the tools.exec.safeBins validation for the sort command to be bypassed. The issue arises from the handling of GNU long-option abbreviations: GNU getopt accepts any unambiguous prefix of a long option, so a token such as --compress-prog is interpreted by sort as --compress-program. In allowlist mode this can be used to circumvent the approval requirement, so that execution paths which should normally require approval become reachable without it.
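
The following is an added illustration of the weakness described above and of the check a defender would want instead; it is not OpenClaw's own code, and the option table is an assumed subset of GNU sort's long options rather than the project's allowlist. It compares a literal flag check with one that canonicalizes abbreviated long options the way getopt_long does before deciding, failing closed on anything it cannot resolve.

```python
# Assumed subset of GNU sort's long options (not OpenClaw's own table).
# --compress-program is the one that launches an external program.
SORT_LONG_OPTIONS = {
    "check", "compress-program", "debug", "dictionary-order", "ignore-case",
    "key", "merge", "numeric-sort", "output", "parallel", "reverse",
    "stable", "unique", "zero-terminated",
}
PROGRAM_LAUNCHING = {"compress-program"}


def resolve_long_option(token, known=SORT_LONG_OPTIONS):
    """Canonicalize a '--name[=value]' token as GNU getopt_long does:
    an exact name wins, a unique prefix resolves to the full option name,
    and an ambiguous or unknown prefix yields None (treated as unresolvable)."""
    name = token[2:].split("=", 1)[0]
    if name in known:
        return name
    matches = [opt for opt in known if opt.startswith(name)]
    return matches[0] if len(matches) == 1 else None


def naive_is_safe(argv):
    """Weak check: compare each flag literally against the dangerous option.
    An abbreviation such as --compress-prog never equals the literal string."""
    return not any(a.split("=", 1)[0] == "--compress-program" for a in argv[1:])


def canonical_is_safe(argv):
    """Hardened check: canonicalize every long option before deciding, stop at
    the '--' terminator (sort treats later tokens as operands), and fail closed
    on any long option that cannot be resolved to a known name."""
    for arg in argv[1:]:
        if arg == "--":
            break
        if arg.startswith("--"):
            full = resolve_long_option(arg)
            if full is None or full in PROGRAM_LAUNCHING:
                return False
    return True


if __name__ == "__main__":
    # Constructed invocation: the abbreviated flag slips past the literal check
    # but is caught once it is canonicalized to --compress-program.
    argv = ["sort", "--compress-prog=/tmp/helper", "data.txt"]
    print("naive:", naive_is_safe(argv), "canonical:", canonical_is_safe(argv))
```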

Impact

Exploiting this vulnerability could lead to unauthorized execution of commands that are supposed to require approval, allowing actions to be performed without the oversight that approval mode is meant to provide.

Remediation

Users can upgrade to OpenClaw version 2026.2.23 or later to address this vulnerability.

Added: Feb 27, 2026, 4:19 AM
Updated: Feb 27, 2026, 4:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 5.2
remediation: 0.0
relevance: 3.3
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.