CVE-2026-22169
Allowlist Bypass in OpenClaw safeBins Enables Remote Code Execution

Publication date: 2026-03-18

Last updated on: 2026-03-25

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safeBins configuration that allows attackers to invoke external helpers through the compress-program option. When sort is explicitly added to tools.exec.safeBins, remote attackers can bypass intended safe-bin approval constraints by leveraging the compress-program parameter to execute unauthorized external programs.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-03-18
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: openclaw; Product: openclaw; Version / Range: up to 2026.2.22 (exclusive)
CWE
CWE-78: The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-22169 is an allowlist bypass vulnerability in OpenClaw versions prior to 2026.2.22. It occurs when the "sort" command is explicitly added to the tools.exec.safeBins allowlist configuration. Attackers can exploit the compress-program option of the sort command to invoke unauthorized external helper programs, bypassing the intended safe-bin approval constraints.

This vulnerability allows remote attackers to execute unauthorized external commands by leveraging the compress-program parameter, which was not properly blocked in the safeBins configuration. The issue arises because the compress-program flag can invoke external executables, breaking the guarantee that safeBins only allow stdin-only operations and prevent file reads or external program execution.

The underlying weaknesses include external control of system or configuration settings (CWE-15) and improper neutralization of special elements used in OS commands (CWE-78), leading to OS command injection. [1, 2]


How can this vulnerability impact me?

This vulnerability can allow attackers with local access and high privileges to bypass security restrictions intended to limit which binaries can be executed. By exploiting the compress-program option in the sort command, attackers can execute unauthorized external programs.

The impact includes high confidentiality, integrity, and availability risks, as unauthorized code execution can lead to data breaches, system compromise, or denial of service.

Because the attack requires high privileges and local access, the risk is somewhat mitigated, but the vulnerability still represents a significant security concern in environments where the safeBins configuration is customized to include sort.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves the misuse of the `sort` command with the `--compress-program` option when `sort` is explicitly added to the tools.exec.safeBins allowlist. Detection involves checking whether `sort` is configured in safeBins and whether the `--compress-program` option is being used or allowed.

You can inspect your OpenClaw configuration to see if `sort` is explicitly added to the tools.exec.safeBins allowlist and if the `--compress-program` option is permitted.

To detect exploitation attempts or usage of the vulnerable configuration, you might run commands to check for processes invoking `sort` with `--compress-program`, or audit logs for such invocations.

  • Check OpenClaw configuration files for `tools.exec.safeBins` entries including `sort`.
  • Search running processes or command history for `sort --compress-program` usage, e.g., `ps aux | grep 'sort --compress-program'`.
  • Audit system logs for commands or errors related to `sort --compress-program`. [1, 2, 3]


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation is to upgrade OpenClaw to version 2026.2.22 or later, where the vulnerability is fixed.

If upgrading immediately is not possible, you should remove the `sort` command from the tools.exec.safeBins allowlist or ensure that the `--compress-program` option is blocked in your safeBins configuration.

Specifically, block or disallow the `--compress-program` flag for the `sort` utility in the safeBins execution policy to prevent unauthorized external program execution.

  • Upgrade OpenClaw to version 2026.2.22 or later.
  • Remove `sort` from the tools.exec.safeBins allowlist if it is explicitly added.
  • Configure safeBins to block the `--compress-program` flag for `sort`.
  • Validate that no commands use `sort --compress-program` in your environment.
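The detection and validation steps above (checking the safeBins allowlist for `sort`, and checking command lines for `--compress-program`) as an added example script; it is not part of the advisory or of OpenClaw. The JSON layout under the dotted key path tools.exec.safeBins, and the sample config and command lines, are constructed assumptions; the option spellings handled are those GNU sort's getopt_long accepts.

```python
import json
import shlex

# Constructed sample config (assumed layout): `sort` explicitly allowlisted.
SAMPLE_CONFIG = json.dumps({"tools": {"exec": {"safeBins": ["cat", "wc", "sort"]}}})
# Constructed sample command lines, as a process or shell-history audit might yield.
SAMPLE_CMDLINES = [
    "sort -u names.txt",
    "sort --compress-program=gzip -T /tmp big.csv",
    "/usr/bin/sort -S 1G --compress-program xz big.csv",
]

def safebins_from_config(text):
    """Return tools.exec.safeBins from a JSON config (assumed key layout)."""
    cfg = json.loads(text)
    bins = cfg.get("tools", {}).get("exec", {}).get("safeBins", [])
    return [str(b) for b in bins]

def sort_in_safebins(text):
    """True if sort (by name or as a path ending in /sort) is allowlisted."""
    return any(b == "sort" or b.endswith("/sort") for b in safebins_from_config(text))

def uses_compress_program(cmdline):
    """True if a command line runs sort with --compress-program.

    Covers --compress-program=PROG, --compress-program PROG and the unambiguous
    abbreviations getopt_long accepts (e.g. --compress); operands after a bare
    -- are not options and are ignored.
    """
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes: not a parseable invocation
        return False
    if not argv or argv[0].rsplit("/", 1)[-1] != "sort":
        return False
    for arg in argv[1:]:
        if arg == "--":
            break
        opt = arg.split("=", 1)[0]
        if len(opt) >= len("--compress") and "--compress-program".startswith(opt):
            return True
    return False

def flag_suspicious(cmdlines):
    """Return the command lines that match the vulnerable sort invocation."""
    return [c for c in cmdlines if uses_compress_program(c)]

if __name__ == "__main__":
    print("sort allowlisted:", sort_in_safebins(SAMPLE_CONFIG))
    print("flagged:", flag_suspicious(SAMPLE_CMDLINES))
```

Feed the functions your real config text and the output of a process listing or shell history; a non-empty flagged list, or `sort` present in safeBins on a version before 2026.2.22, is the condition the mitigation steps address.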
