Redgrave961

**Name of the Vulnerable Software and Affected Versions** FastGPT versions 4.14.7 and earlier **Description** FastGPT is an AI Agent building platform. The Python Sandbox (fastgpt-sandbox) includes security measures to prevent file writes using static detection and seccomp. These measures can be bypassed by remapping standard output (stdout), file descriptor 1, to an arbitrary writable file descriptor using the `fcntl` function. Following this remapping, writing through `sys.stdout.write()` still complies with the seccomp rule `write(fd==1)`, allowing for arbitrary file creation and overwriting within the sandbox container, despite the intended restriction against file writes. The `fcntl` function is used to manipulate file descriptors. **Recommendations** Versions prior to 4.14.7 should be updated.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.2.19 **Description** OpenClaw’s `exec` allowlist/safeBins policy can be bypassed with attached short-option payloads, such as `sort -o/tmp/poc`, enabling file-write operations while still satisfying safeBins checks. This bypass occurs due to insufficient argument validation when using short options with whitelisted binaries. Attackers can leverage this to perform unauthorized file-write operations that should be denied by the safeBins checks. The vulnerable component is the `exec` function, and the issue involves bypassing the `safeBins` policy. The vulnerable parameter is the command-line arguments passed to the whitelisted binaries. **Recommendations** OpenClaw versions prior to 2026.2.19 should be updated to version 2026.2.19 or later.