Description
OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while bypassing exec allowlist matching restrictions.
Published: 2026-04-28
Score: 5.4 Medium
EPSS: n/a
KEV: No
Impact: Bypassing exec allowlist enables arbitrary command execution
Action: Update
AI Analysis

Impact

OpenClaw versions prior to 2026.3.31 allow attackers to bypass the exec allowlist by supplying shell options such as --rcfile, --init-file, and --startup-file. These options can point to attacker‑controlled initialization files, causing the shell to load and execute arbitrary code without being subject to the allowlist restrictions. This flaw effectively removes the boundary that was intended to restrict which commands could run, potentially leading to full command‑line compromise if an attacker can invoke the shell with malicious options.

Affected Systems

The vulnerability affects OpenClaw installations running a version earlier than 2026.3.31. No specific build numbers are listed beyond the date, so all releases before that cutoff are considered vulnerable. The affected product is the OpenClaw application stack, including its bundled environment that processes user‑supplied shell options.

Risk and Exploitability

The CVSS score of 5.4 indicates a moderate impact. EPSS data is not available, and the flaw is not listed in the CISA KEV catalog, suggesting a lower likelihood of widespread exploitation at this time. Nevertheless, the ability to execute arbitrary commands through the exec allowlist bypass is a serious issue if an attacker can supply the malicious shell options, potentially enabling remote code execution in scenarios where the shell is launched with user input.

Generated by OpenCVE AI on April 28, 2026 at 23:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.3.31 or newer, which removes the problematic init-file handling
  • Configure the environment to disallow or validate shell initialization files, ensuring that --rcfile, --init-file, and --startup-file options cannot be set by untrusted users
  • Audit existing deployment to verify that no custom init files or shell options are being used that could expose the allowlist bypass

Generated by OpenCVE AI on April 28, 2026 at 23:04 UTC.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 19:15:00 +0000

Type | Values Removed | Values Added
Description | | OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while bypassing exec allowlist matching restrictions.
Title | | OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options
First Time appeared | | Openclaw; Openclaw openclaw
Weaknesses | | CWE-184
CPEs | | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | | Openclaw; Openclaw openclaw
References | |
Metrics | | cvssV3_1 {'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 5.4, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-29T12:18:18.101Z

Reserved: 2026-04-20T14:13:45.348Z

Link: CVE-2026-41392

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-28T19:37:42.447

Modified: 2026-04-28T20:10:23.367

Link: CVE-2026-41392

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T23:15:43Z

Weaknesses