PT-2026-22351 · Npm · Openclaw
Published
2026-02-17
·
Updated
2026-02-17
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Summary
Exec approvals allowlist bypass via command substitution/backticks inside double quotes.
Affected Packages / Versions
- Package:
openclaw(npm) - Affected:
<= 2026.2.1 - Fixed:
>= 2026.2.2
Impact
Only affects setups that explicitly enable the optional exec approvals allowlist feature. Default installs are unaffected.
Fix
Reject unescaped
$() and backticks inside double quotes during allowlist analysis.Fix Commit(s)
- d1ecb46076145deb188abcba8f0699709ea17198
Thanks @simecek for reporting.
Fix
Argument Injection
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Openclaw