CVE-2026-41392
Status: Received - Intake
Exec Allowlist Bypass in OpenClaw via Shell Init-File Options

Publication date: 2026-04-28

Last updated on: 2026-04-30

Assigner: VulnCheck

Description
OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while bypassing exec allowlist matching restrictions.
Meta Information
Published: 2026-04-28
Last Modified: 2026-04-30
Generated: 2026-05-07
AI Q&A: 2026-04-28
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: openclaw
Product: openclaw
Version / Range: all versions before 2026.3.31 (2026.3.31 itself excluded)
CWE
CWE-184 (Incomplete List of Disallowed Inputs): The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows attackers to bypass exec allowlist restrictions and execute unauthorized code by exploiting shell initialization file options. This can lead to unauthorized access or modification of sensitive data, which may impact confidentiality, integrity, and availability.

Such unauthorized access or data manipulation could potentially result in non-compliance with common standards and regulations like GDPR or HIPAA, which require strict controls over data access and integrity.

However, the vulnerability is limited to scenarios where exec allowlist or allow-always behavior is enabled and an attacker can influence shell-wrapper commands, so the actual compliance impact depends on the deployment context and mitigation measures.


Can you explain this vulnerability to me?

CVE-2026-41392 is a vulnerability in OpenClaw versions prior to 2026.3.31 that allows attackers to bypass the exec allowlist mechanism. The allowlist check looked at the script a shell wrapper was asked to run and treated a match as approval of the whole invocation. It did not account for the shell's own initialization-file options (--rcfile, --init-file, and --startup-file), which make the shell read and execute a further file named on the command line. An attacker who can put one of these options on the command line therefore gets an attacker-chosen file executed under the trust granted to the approved script.

The weakness is classed as CWE-184 (Incomplete List of Disallowed Inputs): the set of command-line forms the check refused was incomplete, because wrapper invocations carrying init-file options were not among them. It only affects deployments where exec allowlist or allow-always behavior is enabled and an attacker can influence the shell-wrapper command line so that it includes these options.
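To make the matching flaw concrete, here is a small Python model of an exec allowlist check, written for this page as an added illustration; it is not OpenClaw's code. The allowlist contents, the function names, the sample command lines, and the assumption that the check matches the script word of a shell wrapper are all made up for the example. The only facts taken from the advisory are the three option names and the fixed release's behaviour of refusing a match when they are present.

```python
"""Model of an exec-allowlist check and the shell init-file bypass.

Added example for this page, not OpenClaw's code. The allowlist, function
names and sample commands are assumptions made for the illustration.
"""
import shlex
from pathlib import PurePosixPath

# Assumed policy: scripts a user has approved "always" through the allowlist.
ALLOWED_SCRIPTS = {"/opt/tools/deploy.sh"}

SHELL_NAMES = {"sh", "bash", "dash", "zsh", "ksh"}

# The options named in the advisory. Each makes the shell read a file chosen
# by whoever wrote the command line. (bash honours --rcfile/--init-file only
# for interactive shells, hence the -i in the sample invocation below.)
INIT_FILE_OPTIONS = ("--rcfile", "--init-file", "--startup-file")


def is_shell(argv: list[str]) -> bool:
    return bool(argv) and PurePosixPath(argv[0]).name in SHELL_NAMES


def init_file_args(argv: list[str]) -> list[str]:
    """Init files an argv would load. Handles both '--rcfile FILE' and
    '--rcfile=FILE' spellings; whether a given shell accepts the '=' form is
    not assumed here, the matcher simply refuses both."""
    files = []
    i = 1
    while i < len(argv):
        tok = argv[i]
        if tok in INIT_FILE_OPTIONS and i + 1 < len(argv):
            files.append(argv[i + 1])
            i += 2
            continue
        for opt in INIT_FILE_OPTIONS:
            if tok.startswith(opt + "="):
                files.append(tok[len(opt) + 1:])
        i += 1
    return files


def vulnerable_allowed(command: str) -> bool:
    """Flawed check (modelled, not OpenClaw's): for a shell wrapper, only the
    script word, taken as the last argument, is matched against the allowlist.
    Whatever the shell loads before that script is never looked at."""
    argv = shlex.split(command)
    if not is_shell(argv):
        return command in ALLOWED_SCRIPTS
    return argv[-1] in ALLOWED_SCRIPTS


def hardened_allowed(command: str) -> tuple[bool, str]:
    """Same match, but refused outright when an init-file option is present,
    which is the behaviour the advisory attributes to the fixed release."""
    argv = shlex.split(command)
    if not is_shell(argv):
        return (command in ALLOWED_SCRIPTS, "direct match")
    extra = init_file_args(argv)
    if extra:
        return (False, f"init-file option would load {extra}; match refused")
    if argv[-1] in ALLOWED_SCRIPTS:
        return (True, "approved script run through a shell wrapper")
    return (False, "script not in allowlist")


if __name__ == "__main__":
    # Constructed sample: attacker-chosen init file wrapped around an approved script.
    bypass = "/bin/bash -i --rcfile /tmp/.payload.rc /opt/tools/deploy.sh"
    for cmd in ("bash /opt/tools/deploy.sh", bypass):
        print(f"{cmd}\n  vulnerable: {vulnerable_allowed(cmd)}  hardened: {hardened_allowed(cmd)}")
```

The point of the model is the second sample command: the vulnerable matcher approves it because the last word is the allowlisted script, while the hardened matcher refuses it because the shell would first load /tmp/.payload.rc. Matching on the script alone is never enough once the interpreter itself accepts options that load code.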


How can this vulnerability impact me?

This vulnerability can allow an attacker with limited privileges and local access to bypass execution restrictions imposed by OpenClaw's exec allowlist. By exploiting shell initialization file options, the attacker can load and execute malicious initialization scripts that inherit allowlist trust, potentially leading to unauthorized code execution.

The impact includes high confidentiality, integrity, and availability risks, as unauthorized code execution can compromise sensitive data, alter system behavior, or disrupt services. However, the attack requires local access and user interaction, and has high attack complexity.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by looking for invocations of a shell interpreter (bash, sh, zsh and similar) that carry an initialization-file option: --rcfile, --init-file, or --startup-file. These options are what an attacker uses to make the shell load a file of their choosing while the allowlist still sees only the approved script.

You can search shell histories, logs, and audit records for command lines containing these options. A single extended regular expression covers all three; the leading -- tells grep that the pattern is not one of its own options:

  • grep -rE -- '--(rcfile|init-file|startup-file)' /var/log/
  • grep -E -- '--(rcfile|init-file|startup-file)' /home/*/.bash_history

Running processes can be checked the same way. pgrep excludes itself from its own results; with ps piped into grep, filter out the grep process or it will match its own command line:

  • pgrep -af -- '--(rcfile|init-file|startup-file)'
  • ps -eo pid,user,args | grep -E -- '--(rcfile|init-file|startup-file)' | grep -v 'grep -E'

A hit is not proof of exploitation: interactive users legitimately pass --rcfile. Triage on who started the shell, which script it was wrapped around, and whether the named init file lives somewhere an attacker could write.
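String matching alone also fires on the grep or ps process itself and on any unrelated process that merely mentions the option string, so in practice a practitioner filters on the process image and pulls out the init-file path for triage. The following Python script does that over a process listing. It is an added example for this page, not a tool from OpenClaw or VulnCheck; the sample ps output is constructed, and the set of shell names and the directory from which init files are "expected" are assumptions to adjust locally.

```python
"""Flag running shells that were started with an init-file option.

Added example for this page, not an OpenClaw or VulnCheck tool. Feed it a
process listing:  ps -eo pid,user,args | python3 find_init_file_shells.py
"""
import re
import sys
from pathlib import PurePosixPath

SHELL_NAMES = {"sh", "bash", "dash", "zsh", "ksh"}

# Both '--opt FILE' and '--opt=FILE' spellings of the three options.
INIT_OPT_RE = re.compile(r"--(?:rcfile|init-file|startup-file)(?:=|\s+)(\S+)")

# Assumption: init files are expected only from system configuration; anything
# else (notably world-writable /tmp) goes to the top of the triage list.
EXPECTED_INIT_DIRS = ("/etc/",)

# Constructed sample of `ps -eo pid,user,args` output.
PS_SAMPLE = """\
  PID USER     COMMAND
    1 root     /sbin/init
  812 svc      /bin/bash -i --rcfile /tmp/.payload.rc /opt/tools/deploy.sh
  813 svc      grep -- --rcfile
  901 alice    bash --init-file=/etc/bash.bashrc -i
  955 bob      /usr/bin/zsh -l
"""


def parse_ps(output: str):
    """Yield (pid, user, argv) per line; the header row is skipped."""
    for line in output.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 3 or not parts[0].isdigit():
            continue
        yield int(parts[0]), parts[1], parts[2].split()


def find_init_file_shells(output: str) -> list[dict]:
    hits = []
    for pid, user, argv in parse_ps(output):
        # Only real shell images count: this drops the grep/ps self-match and
        # any unrelated process that merely mentions the option string.
        if PurePosixPath(argv[0]).name not in SHELL_NAMES:
            continue
        files = INIT_OPT_RE.findall(" ".join(argv))
        if not files:
            continue
        hits.append({
            "pid": pid,
            "user": user,
            "init_files": files,
            "unexpected": [f for f in files if not f.startswith(EXPECTED_INIT_DIRS)],
        })
    return hits


if __name__ == "__main__":
    listing = sys.stdin.read() if not sys.stdin.isatty() else PS_SAMPLE
    for hit in find_init_file_shells(listing):
        flag = "SUSPICIOUS" if hit["unexpected"] else "review"
        print(f"{flag:10} pid={hit['pid']} user={hit['user']} init={hit['init_files']}")
```

On the constructed sample only two processes survive the shell-image filter: pid 812, whose init file sits in /tmp and is reported as suspicious, and pid 901, whose init file is the system bashrc and is left for ordinary review. The grep self-match (pid 813) is dropped before the regex is ever applied.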

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade OpenClaw to version 2026.3.31 or later, where this vulnerability has been fixed by rejecting shell init-file script matches that could bypass the exec allowlist.

Until the upgrade is applied, avoid allowlist or allow-always entries that approve a shell interpreter as a wrapper around a script, since such entries are what the bypass rides on, and watch for the --rcfile, --init-file, and --startup-file options in any command line the exec mechanism is asked to run.

Implement monitoring and alerting on shell invocations that use these options so that exploitation attempts are detected rather than silently approved.

Review and tighten permissions on scripts and shell initialization files, and on the directories that hold them, so that an attacker cannot place or replace the file a wrapper would load.

