OpenClaw Approval-Integrity Vulnerability in Node-Host System.Run Allowing Unintended Command Execution

Vulnerability

OpenClaw versions prior to 2026.3.11 contain an approval-integrity vulnerability in the node-host 'system.run' approvals. The approval interface displays the extracted shell payload instead of the arguments that are actually executed. An attacker can therefore introduce wrapper binaries and manipulate commands so that the operator approves a deceptive representation of the command, which results in local code execution.
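The mismatch described above, and one way to close it, shown as an added example that is not OpenClaw's code or its actual fix. All function names and sample requests are hypothetical, and the `-c` payload extraction is an assumed model of the flawed display.

```javascript
const crypto = require("node:crypto");

// Flawed display (assumed model): unwraps `<shell> -c <payload>` and shows
// only the payload, hiding argv[0] and every other argument from the operator.
function displayExtractedPayload(argv) {
  const i = argv.indexOf("-c");
  return i !== -1 && i + 1 < argv.length ? argv[i + 1] : argv.join(" ");
}

// Hardened display: every argv element, JSON-quoted so spaces and control
// characters cannot blur the boundaries between arguments.
function displayExactArgv(argv) {
  return argv.map((a) => JSON.stringify(a)).join(" ");
}

// Digest over the exact argv; JSON encoding keeps ["a b"] distinct from ["a","b"].
function argvDigest(argv) {
  return crypto.createHash("sha256").update(JSON.stringify(argv)).digest("hex");
}

// Approval record: the text the operator saw plus a digest of what it stands for.
function requestApproval(argv) {
  return { shown: displayExactArgv(argv), digest: argvDigest(argv) };
}

// Run-time gate: execute only if argv is exactly what the operator approved.
function isApproved(approval, argvToRun) {
  const a = Buffer.from(approval.digest, "hex");
  const b = Buffer.from(argvDigest(argvToRun), "hex");
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// Constructed sample requests: identical payload text, different executables.
const direct = ["/bin/sh", "-c", "ls -la"];
const wrapped = ["./wrapper", "/bin/sh", "-c", "ls -la"];

// Both requests look the same in the flawed display.
console.log(displayExtractedPayload(direct) === displayExtractedPayload(wrapped));
// The hardened display exposes the wrapper, and the gate rejects the swap.
console.log(displayExactArgv(wrapped));
console.log(isApproved(requestApproval(direct), wrapped));
```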

Impact

Exploitation of this vulnerability could lead to unauthorized execution of local code, bypassing user approval integrity.

Remediation

Users are advised to upgrade to OpenClaw version 2026.3.11 or later.

Added: Mar 31, 2026, 12:25 PM
Updated: Mar 31, 2026, 12:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 2.4
remediation: 0.0
relevance: 5.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.