PT-2026-23563 · Openclaw · Openclaw

Akhmittra · Published 2026-02-14 · Updated 2026-03-11 · CVE-2026-29610

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.14

Description: OpenClaw is susceptible to a command hijacking issue. Attackers can execute unintended binaries by manipulating the PATH environment variable through node-host execution or project-local bootstrapping. This is possible because OpenClaw relies on allowlist/safe-bin protections and expects the PATH to be trustworthy. An attacker requires authenticated access to node-host execution surfaces, or the ability to run OpenClaw in attacker-controlled directories, to place malicious executables in the PATH, overriding allowlisted safe-bin commands and achieving arbitrary command execution. Two scenarios can trigger this issue: A) Node Host PATH override (remote command hijack) and B) project-local PATH bootstrapping (local command hijack). The system.run function is involved in the node-host execution scenario.

Recommendations: OpenClaw versions prior to 2026.2.14 should be updated to version 2026.2.14 or later. Project-local node_modules/.bin PATH bootstrapping is now disabled by default. If explicitly enabled via OPENCLAW_ALLOW_PROJECT_LOCAL_BIN=1, it is append-only. Node Host now ignores request-scoped PATH overrides.

Fix

Weakness Enumeration

Uncontrolled Search Path Element
OS Command Injection

Related Identifiers

BDU:2026-06350
CVE-2026-29610
GHSA-JQPQ-MGVM-F9R6

Affected Products

Openclaw