OpenClaw Weakened Exec Approval Binding Vulnerability via Busybox and Toybox Applet Execution
Vulnerability
A vulnerability exists in OpenClaw versions from 2026.2.23 up to, but not including, 2026.4.12, in which the execution approval binding is weakened for Busybox and Toybox applets. Because these are multi-call binaries, the program that actually runs is the applet selected at invocation rather than the binary named in the command; the flaw allows an attacker to obscure which applet would actually be executed, so unsafe applet invocations risk being misclassified as safe. The vulnerability takes advantage of these opaque multi-call binaries to bypass the execution approval mechanism.
Impact
Exploitation of this vulnerability could allow applets to be executed improperly, so that potentially unsafe operations are performed without appropriate oversight or approval.
Reproduction
The vulnerability can be reproduced with a configuration that lists 'busybox' or 'toybox' in the 'safeBins' profile. When OpenClaw processes such a configuration, it incorrectly allows applets of those binaries to run without proper approval. This can be tested by invoking a Busybox or Toybox applet that executes a command, such as 'id', which reveals the current user context. Monitoring the execution confirms that the applet ran despite being flagged as unsafe.
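As an added illustration (not OpenClaw's code), the following Python check shows how binding approval to argv[0] alone misclassifies a multi-call invocation, and how resolving the applet first restores the check. The config shape (a plain 'safeBins' list of binary names) and the argv form of an exec request are assumptions, not OpenClaw's actual API.

```python
import os
from typing import Optional, Sequence

# Multi-call binaries named in the advisory: the real program is the applet
# chosen by argv[1] (or by the symlink name used to invoke the binary).
MULTI_CALL_BINS = {"busybox", "toybox"}


def lint_safe_bins(safe_bins: Sequence[str]) -> list:
    """Return entries of a 'safeBins' list that are multi-call binaries.

    An operator listing busybox or toybox as 'safe' has, in effect,
    approved every applet those binaries ship. Flag them for review.
    """
    return sorted(b for b in safe_bins if os.path.basename(b) in MULTI_CALL_BINS)


def effective_command(argv: Sequence[str]) -> Optional[str]:
    """Resolve the program an exec request actually runs.

    Returns the applet name for 'busybox <applet> ...' invocations, the
    plain basename for ordinary binaries, and None when the applet cannot
    be determined (bare 'busybox', or a binary option such as '--install').
    """
    if not argv:
        return None
    prog = os.path.basename(argv[0])
    if prog not in MULTI_CALL_BINS:
        return prog
    if len(argv) < 2 or argv[1].startswith("-"):
        return None
    return os.path.basename(argv[1])


def weak_needs_approval(argv: Sequence[str], safe_bins: Sequence[str]) -> bool:
    """The weakened binding: classify on argv[0] alone, so 'busybox id'
    is judged by whether 'busybox' is listed, not by what 'id' does."""
    safe = {os.path.basename(b) for b in safe_bins}
    return not argv or os.path.basename(argv[0]) not in safe


def needs_approval(argv: Sequence[str], safe_bins: Sequence[str]) -> bool:
    """Hardened binding: decide on the resolved applet; unresolvable -> approve."""
    eff = effective_command(argv)
    if eff is None:
        return True
    return eff not in {os.path.basename(b) for b in safe_bins}
```

Running `lint_safe_bins` over a deployed profile is the quickest way to find configurations that match the reproduction above.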
Remediation
Users should upgrade to OpenClaw version 2026.4.12 or later. The latest version, 2026.4.14, includes the necessary fix.