OpenClaw Approval Integrity Vulnerability Allowing Unintended Code Execution

Vulnerability

A vulnerability in OpenClaw versions prior to 2026.3.11 allows an approval integrity bypass in the node-host 'system.run' approval mode. An attacker can modify a local script after it has been approved but before it is executed, so the script that runs is not the one that was approved; this is possible in particular when an exact file binding cannot be established. The result is unintended code execution under the OpenClaw runtime user.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of local code, potentially allowing an attacker to perform actions or access resources as the OpenClaw runtime user.

Remediation

Users are advised to upgrade to OpenClaw version 2026.3.11 or later.

Added: Mar 29, 2026, 1:22 PM
Updated: Mar 29, 2026, 1:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 2.4
remediation: 0.0
relevance: 4.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.