Description
OpenClaw versions prior to 2026.2.19 contain an allowlist bypass vulnerability in the exec safeBins policy that allows attackers to write arbitrary files using short-option payloads. Attackers can bypass argument validation by attaching short options like -o to whitelisted binaries, enabling unauthorized file-write operations that should be denied by safeBins checks.
Published: 2026-03-19
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized File Write
Action: Patch
AI Analysis

Impact

OpenClaw’s exec safeBins policy allows attackers to write arbitrary files using short‑option payloads. By attaching short options such as -o to binaries that are marked safe, an attacker can bypass argument validation and create or overwrite files within the application environment. This leads to unauthorized file‑write capabilities that may facilitate further compromise. The underlying weakness is identified as CWE‑184.

Affected Systems

Affected products: OpenClaw:OpenClaw. All OpenClaw releases prior to 2026.2.19 contain the vulnerability; the advisory indicates that version 2026.2.19 and later provide a fix.

Risk and Exploitability

The CVSS score is 6, indicating medium severity, and the EPSS score is not available. KEV does not list this vulnerability. The attack vector appears to involve supplying a crafted command that invokes a whitelisted binary with short‑option arguments; no explicit prerequisites or elevated privileges are mentioned in the description. Consequently, the risk is considered medium, but the ability to write files in sensitive locations could raise the impact if exploited.

Generated by OpenCVE AI on March 19, 2026 at 23:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.19 or later
  • Review and tighten the exec allowlist policy to disallow short options for binaries
  • If an upgrade cannot be performed immediately, monitor for suspicious file‑write activity and logs
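
An added example (not OpenClaw's code and not taken from the advisory) of what tightening an exec allowlist against short options can look like: a default-deny argv check beside an exact-token denylist of the kind CWE-184 describes. The binary name `safe-tool`, the policy object and both function names are hypothetical, and the sample commands are constructed.

```javascript
// Hypothetical policy: per-binary allowlist of value-less flags (constructed sample).
const POLICY = {
  "safe-tool": { flags: new Set(["n", "r", "u"]), longFlags: new Set(["--reverse"]) },
};

// Exact-token denylist (the CWE-184 pattern): only the spellings it lists are blocked.
function naiveCheck(argv) {
  const denied = new Set(["-o", "--output"]);
  return argv.slice(1).every((tok) => !denied.has(tok));
}

// Default-deny check: every letter of every short-option token must be allowlisted,
// so "-o", "-oFILE" and clusters such as "-no" are all rejected.
// Operand (path) validation is out of scope here and would still be needed.
function strictCheck(argv, policy = POLICY) {
  const rule = policy[argv[0]];
  if (!rule) return { ok: false, reason: "binary not allowlisted" };
  let optionsEnded = false;
  for (const tok of argv.slice(1)) {
    if (optionsEnded || tok === "-" || !tok.startsWith("-")) continue; // operand
    if (tok === "--") { optionsEnded = true; continue; }
    if (tok.startsWith("--")) {
      // Exact match only: "--output=x" and abbreviations are refused.
      if (!rule.longFlags.has(tok)) return { ok: false, reason: `long option ${tok}` };
      continue;
    }
    for (const ch of tok.slice(1)) {
      if (!rule.flags.has(ch)) return { ok: false, reason: `short option -${ch} in ${tok}` };
    }
  }
  return { ok: true, reason: "" };
}

// Constructed sample commands, evaluated by both checks.
function auditSamples() {
  const samples = [
    ["safe-tool", "-nr", "input.txt"],
    ["safe-tool", "-o", "constructed-out.txt"],
    ["safe-tool", "-oconstructed-out.txt"],
    ["safe-tool", "-no", "constructed-out.txt"],
    ["safe-tool", "--output=constructed-out.txt"],
  ];
  return samples.map((argv) => ({
    argv: argv.join(" "),
    naive: naiveCheck(argv),
    strict: strictCheck(argv).ok,
  }));
}

console.table(auditSamples());
```

Rows where `naive` is true and `strict` is false are the option spellings an exact-token list misses.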

Advisories

Source: Github GHSA
ID: GHSA-3x3x-h76w-hp98
Title: OpenClaw exec allowlist safeBins short-option bypass could permit arbitrary file write

History

Wed, 25 Mar 2026 15:00:00 +0000

Type: Metrics
Values Removed: cvssV3_1 {'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L'}
Values Added: cvssV3_1 {'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L'}


Fri, 20 Mar 2026 19:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 19 Mar 2026 22:15:00 +0000

Values Added:

  • Description: OpenClaw versions prior to 2026.2.19 contain an allowlist bypass vulnerability in the exec safeBins policy that allows attackers to write arbitrary files using short-option payloads. Attackers can bypass argument validation by attaching short options like -o to whitelisted binaries, enabling unauthorized file-write operations that should be denied by safeBins checks.
  • Title: OpenClaw < 2026.2.19 - Arbitrary File Write via Short-Option Bypass in exec Allowlist
  • First Time appeared: Openclaw; Openclaw openclaw
  • Weaknesses: CWE-184
  • CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
  • Vendors & Products: Openclaw; Openclaw openclaw
  • References
  • Metrics: cvssV3_1 {'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L'}
  • Metrics: cvssV4_0 {'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-25T14:27:32.545Z

Reserved: 2026-03-10T19:48:38.211Z

Link: CVE-2026-32017

Vulnrichment

Updated: 2026-03-20T18:12:40.561Z

NVD

Status: Modified

Published: 2026-03-19T22:16:35.237

Modified: 2026-03-25T15:16:44.237

Link: CVE-2026-32017

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T11:05:28Z

Weaknesses