Undici · Undici · CVE-2026-2581
**Name of the Vulnerable Software and Affected Versions**
Undici versions prior to 7.24.0
**Description**
This is an uncontrolled resource consumption issue that can lead to a Denial of Service (DoS). When the `interceptors.deduplicate()` function is enabled in vulnerable versions, response data for deduplicated requests can accumulate in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large or chunked responses combined with concurrent identical requests, causing high memory usage and potential Out Of Memory (OOM) process termination. Affected applications are those that use Undici's deduplication interceptor against endpoints that may produce large or long-lived response bodies. The issue is addressed by changing the deduplication behavior to stream response chunks to downstream handlers as they arrive, instead of accumulating the full body, and by preventing late deduplication once body streaming has already started.
**Recommendations**
Upgrade to Undici version 7.24.0 or later.
Disable the `interceptors.deduplicate()` function for affected clients or routes.
Use `skipHeaderNames` with a marker header to force high-risk requests to bypass deduplication.
Avoid concurrent identical requests to untrusted endpoints that may return very large or chunked bodies.
Apply upstream or proxy response-size and timeout limits.