Description
OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these trusted directories can place a malicious binary with the same name as an allowed executable to achieve arbitrary command execution within the OpenClaw runtime context.
Published: 2026-03-19
Score: 7 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary Command Execution
Action: Apply Patch
AI Analysis

Impact

OpenClaw versions prior to 2026.2.24 contain a policy bypass in the safeBins allowlist evaluation that blindly trusts static default directories such as /opt/homebrew/bin and /usr/local/bin. These directories are writable by package‑manager users, allowing an attacker to place a malicious binary that has the same name as a permitted executable. When OpenClaw references the binary, the attacker’s code is executed within the OpenClaw runtime context, giving the attacker arbitrary command execution. The vulnerability is a classic example of CWE‑426: Untrusted Search Path exploitation.

Affected Systems

Affected systems are all deployments of OpenClaw where the version is less than 2026.2.24. Vendors and users must confirm that their OpenClaw installation meets the pre‑2026.2.24 version criteria and check the safeBins configuration to ensure that the default directories are present.

Risk and Exploitability

The CVSS score of 7 reflects a high impact for potential local attackers. EPSS data is not available, but the vulnerability is listed as not in KEV, suggesting it may not be widely exploited yet. The likely attack vector is a local attacker who has write permission on /opt/homebrew/bin or /usr/local/bin; by placing a malicious binary with a matching name to a trusted executable, the attacker gains arbitrary command execution within the OpenClaw process. The impact is limited to the context of the OpenClaw runtime and does not inherently provide system‑wide access, but it can be leveraged to compromise the host if additional privileges are attainable.

Generated by OpenCVE AI on March 19, 2026 at 23:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.24 or later.
  • Restrict write access on /opt/homebrew/bin and /usr/local/bin to privileged accounts.
  • Modify the safeBins allowlist to exclude /usr/local/bin and /opt/homebrew/bin until the patch is applied.
  • Verify that all binaries in trusted directories are legitimately signed and unaltered.

Generated by OpenCVE AI on March 19, 2026 at 23:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-5gj7-jf77-q2q2 OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`)
History

Sat, 21 Mar 2026 05:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 19 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Description OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these trusted directories can place a malicious binary with the same name as an allowed executable to achieve arbitrary command execution within the OpenClaw runtime context.
Title OpenClaw < 2026.2.24 - Binary Hijacking via Static Default Trusted Directories in safeBins
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-426
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 5.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H'}

cvssV4_0

{'score': 7, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-21T03:21:35.129Z

Reserved: 2026-03-10T19:48:38.210Z

Link: CVE-2026-32009

cve-icon Vulnrichment

Updated: 2026-03-21T03:21:31.371Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-19T22:16:33.787

Modified: 2026-03-23T18:33:03.603

Link: CVE-2026-32009

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T11:05:35Z

Weaknesses