CVE-2026-32016
Path Validation Bypass in OpenClaw exec-approval Allows Unauthorized Execution
Publication date: 2026-03-19
Last updated on: 2026-03-25
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | to 2026.2.22 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-426 | The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in OpenClaw versions prior to 2026.2.22 on macOS. It is a path validation bypass in the exec-approval allowlist mode. Specifically, local attackers can exploit basename-only allowlist entries to execute unauthorized binaries. For example, an attacker can run a local binary named ./echo without approval when the security mode is set to allowlist and the ask setting is on-miss, thereby bypassing the intended path-based policy restrictions.
How can this vulnerability impact me? :
The vulnerability allows local attackers to execute unauthorized binaries on a system running vulnerable versions of OpenClaw. This means attackers can bypass security policies designed to restrict execution to approved binaries, potentially leading to unauthorized code execution with elevated privileges. The impact includes high confidentiality, integrity, and availability risks as indicated by the CVSS scores.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know