PT-2026-26237 · Openclaw · Openclaw

Tdjackey

·

Published

2026-03-02

·

Updated

2026-03-19

·

CVE-2026-31997

CVSS v4.0

8.7

High

Vector AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.1
Description: OpenClaw fails to validate executable identity for non-path-like argv[0] tokens (a bare command name such as a tool name rather than an absolute or relative path) during system.run approvals. Because the approval records only the token and the token is resolved through PATH again at execution time, an attacker who can influence PATH resolution after the approval is granted can cause a different binary than the one the operator approved to run, which can lead to arbitrary command execution (a post-approval executable rebind). The root cause is that system.run approvals did not pin executable identity: path-token commands were not bound to a canonical executable identity (realpath) that is recorded at approval time and enforced at execution time.
Recommendations: Versions prior to 2026.3.1 should be updated to version 2026.3.1 or later.
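The following is an added example, not OpenClaw's own code, that models the two behaviours the description contrasts: an approval that stores only the bare argv[0] token and re-resolves it through PATH at execution time (the pre-2026.3.1 behaviour as described), beside an approval that resolves the token once, pins the canonical executable identity (realpath plus device/inode plus a content hash) and executes the pinned path. The `Approval` dataclass, the function names, the `tool` script and the `trusted`/`attacker` directories are all assumptions constructed for the demonstration; the example assumes a POSIX system with `/bin/sh`.

```python
"""Post-approval executable rebind: unpinned vs. pinned approval (added example, not project code)."""
import hashlib
import os
import shutil
import subprocess
import tempfile
from dataclasses import dataclass
from typing import Optional, Tuple

Identity = Tuple[str, Tuple[int, int], str]  # (realpath, (st_dev, st_ino), sha256 of contents)


def write_script(directory: str, name: str, message: str) -> str:
    """Create a tiny executable shell script (constructed fixture standing in for a real tool)."""
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write(f"#!/bin/sh\necho {message}\n")
    os.chmod(path, 0o755)
    return path


def executable_identity(path: str) -> Identity:
    """Canonical identity of an executable: realpath, (device, inode) and a content hash.
    The hash matters because an inode number can be reused after unlink/recreate."""
    real = os.path.realpath(path)
    st = os.stat(real)
    with open(real, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    return real, (st.st_dev, st.st_ino), digest


@dataclass
class Approval:
    token: str                   # what the operator was shown and approved, e.g. "tool"
    pinned: Optional[Identity]   # None means only the bare token was recorded (vulnerable)


def approve_unpinned(token: str) -> Approval:
    """Vulnerable pattern: the approval records the argv[0] token and nothing else."""
    return Approval(token, None)


def approve_pinned(token: str, search_path: str) -> Approval:
    """Hardened pattern: resolve the token at approval time and pin what it resolved to."""
    exe = shutil.which(token, path=search_path)
    if exe is None:
        raise FileNotFoundError(token)
    return Approval(token, executable_identity(exe))


def run_unpinned(approval: Approval, search_path: str) -> str:
    """Vulnerable execution: argv[0] is resolved through PATH again, after the approval."""
    exe = shutil.which(approval.token, path=search_path)
    if exe is None:
        raise FileNotFoundError(approval.token)
    return subprocess.run([exe], capture_output=True, text=True, check=True).stdout.strip()


def run_pinned(approval: Approval) -> str:
    """Hardened execution: run the pinned realpath, refusing if its identity changed since approval."""
    if approval.pinned is None:
        raise ValueError("approval carries no pinned executable identity")
    real = approval.pinned[0]
    if executable_identity(real) != approval.pinned:
        raise PermissionError(f"executable rebind detected for {approval.token!r}: {real} changed since approval")
    return subprocess.run([real], capture_output=True, text=True, check=True).stdout.strip()


def demo() -> dict:
    """Approve 'tool' under a trusted PATH, then rebind it two ways after the approval."""
    with tempfile.TemporaryDirectory() as tmp:
        trusted = os.path.join(tmp, "trusted")
        attacker = os.path.join(tmp, "attacker")
        os.mkdir(trusted)
        os.mkdir(attacker)
        good = write_script(trusted, "tool", "good")

        unpinned = approve_unpinned("tool")
        pinned = approve_pinned("tool", search_path=trusted)

        # Rebind 1: after approval, a different 'tool' appears earlier in PATH.
        write_script(attacker, "tool", "evil")
        rebound_path = os.pathsep.join([attacker, trusted])
        unpinned_result = run_unpinned(unpinned, rebound_path)  # attacker's binary runs
        pinned_result = run_pinned(pinned)                      # PATH no longer matters

        # Rebind 2: the approved file itself is replaced at the same path.
        os.unlink(good)
        write_script(trusted, "tool", "evil")
        try:
            run_pinned(pinned)
            pinned_blocked = False
        except PermissionError:
            pinned_blocked = True

        return {
            "unpinned_ran": unpinned_result,                # "evil"
            "pinned_ran": pinned_result,                    # "good"
            "pinned_blocked_replacement": pinned_blocked,   # True
        }


if __name__ == "__main__":
    print(demo())
```

The practical point is where the resolution happens: once the operator has approved a bare token, the only safe thing to execute is the concrete file they approved, so the resolution must be done at approval time and its result carried into execution. Pinning the realpath alone closes the PATH rebind; the device/inode and content hash additionally catch the approved file being swapped out underneath the pinned path, which is the second scenario in `demo()`.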

Fix

Untrusted Search Path

Time Of Check To Time Of Use


Weakness Enumeration

Related identifiers

BDU:2026-05006
CVE-2026-31997
GHSA-Q399-23R3-HFX4
GHSA-Q86M-697P-H7FH

Affected products

Openclaw