Xelitte

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.2.19 **Description** OpenClaw’s `exec` allowlist/safeBins policy can be bypassed with attached short-option payloads, such as `sort -o/tmp/poc`, enabling file-write operations while still satisfying safeBins checks. This bypass occurs due to insufficient argument validation when using short options with whitelisted binaries. Attackers can leverage this to perform unauthorized file-write operations that should be denied by the safeBins checks. The vulnerable component is the `exec` function, and the issue involves bypassing the `safeBins` policy. The vulnerable parameter is the command-line arguments passed to the whitelisted binaries. **Recommendations** OpenClaw versions prior to 2026.2.19 should be updated to version 2026.2.19 or later.