PT-2026-25111 · Npm · Openclaw

Published 2026-03-03 · Updated 2026-03-03

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

On the macOS node-host path, the optional exec-approval allowlist mode previously treated basename-only allowlist entries (for example echo) as trusted command matches. A local binary with the same basename (for example ./echo) could therefore run without approval under security=allowlist + ask=on-miss.

Scope / Preconditions

  • macOS node-host path.
  • Optional exec approvals feature enabled with security=allowlist.
  • Basename-only allowlist entries configured.

Default install posture is not impacted: security=deny by default.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published npm version at triage time: 2026.2.21-2
  • Vulnerable range: <=2026.2.21-2
  • Planned patched version (next release): >= 2026.2.22

Remediation

  • Enforced path-only allowlist matching on macOS node-host (basename fallback removed).
  • Added migration for legacy basename allowlist entries to last-resolved paths when available.
  • UI/store validation now rejects non-path allowlist patterns.

Fix Commit(s)

  • dd41fadcaf58fd9deb963d6e163c56161e7b35dd

Release Process Note

The patched version is pre-set to the planned next release (2026.2.22). Once that npm release is out, the advisory can be published without further field edits.
OpenClaw thanks @tdjackey for reporting.

Weakness Enumeration

  • Untrusted Search Path
  • Incorrect Authorization

Related identifiers

  • GHSA-7F4Q-9RQH-X36P

Affected products

  • Openclaw