PT-2026-24669 · Git+2 · Openclaw

Tdjackey · Published 2026-02-27 · Updated 2026-03-17

CVE-2026-32059 · CVSS v3.1 8.8 (High) · Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions 2026.2.22-2 through 2026.2.22-2 (a single release).
Description: The tools.exec.safeBins validation for the sort command does not correctly handle GNU long-option abbreviations. GNU getopt_long accepts any unambiguous prefix of a long option (for example --out for --output), but the validator compared arguments against its denied-flag list by exact string and accepted long options it did not recognise, including --name=value forms, instead of failing closed. Remote attackers with access to the exec tool can therefore supply a denied sort option under an abbreviated spelling, bypass the denied-flag check, and run sort without the approval that a denied flag would otherwise require. The issue occurs when tools.exec.security is set to allowlist, tools.exec.ask is set to on-miss, and tools.exec.safeBins includes sort.
Recommendations: Update OpenClaw to version 2026.2.23 or later.
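The two validator shapes the description contrasts, as an added example that is not OpenClaw's code: a deny check that compares the literal option spelling (the vulnerable shape) beside one that first canonicalises each long option the way GNU getopt_long does (exact match, else unique prefix) and rejects anything unknown or ambiguous. The option table and the deny list are assumptions for the example, not the project's actual lists; the table covers only a subset of GNU sort's long options.

```typescript
// Added example, not OpenClaw's code: an exact-string deny list next to a resolver
// that canonicalises GNU-style long-option abbreviations and fails closed.

// Subset of GNU sort's long options and whether each takes a value.
// Assumed for the example; the real table is longer.
const SORT_LONG_OPTIONS: Record<string, "none" | "required"> = {
  "--check": "none",
  "--compress-program": "required",
  "--field-separator": "required",
  "--files0-from": "required",
  "--ignore-case": "none",
  "--key": "required",
  "--numeric-sort": "none",
  "--output": "required",
  "--random-source": "required",
  "--random-sort": "none",
  "--reverse": "none",
  "--stable": "none",
  "--unique": "none",
  "--zero-terminated": "none",
};

// Example deny list: options that write files or run programs.
// Assumed for the example, not the project's actual list.
const DENIED_LONG_OPTIONS: ReadonlySet<string> = new Set([
  "--output",
  "--compress-program",
  "--random-source",
  "--files0-from",
]);

export interface Verdict {
  allowed: boolean;
  reason: string;
}

// Strip an inline value: "--output=/tmp/x" -> "--output".
function optionName(arg: string): string {
  const eq = arg.indexOf("=");
  return eq === -1 ? arg : arg.slice(0, eq);
}

// Vulnerable shape: the deny check compares the literal spelling, so "--out" or
// "--outp=/tmp/x" never matches, and an unrecognised long option is simply accepted.
export function vulnerableCheck(args: string[]): Verdict {
  for (const arg of args) {
    if (!arg.startsWith("--")) continue;
    const name = optionName(arg);
    if (DENIED_LONG_OPTIONS.has(name)) {
      return { allowed: false, reason: `denied flag ${name}` };
    }
  }
  return { allowed: true, reason: "no denied flag matched" };
}

// Resolve a long option the way getopt_long does: exact match first, otherwise a
// unique prefix. Returns null when the name is unknown or ambiguous.
export function resolveLongOption(name: string): string | null {
  if (Object.prototype.hasOwnProperty.call(SORT_LONG_OPTIONS, name)) return name;
  const matches = Object.keys(SORT_LONG_OPTIONS).filter((o) => o.startsWith(name));
  if (matches.length !== 1) return null;
  return matches[0] ?? null;
}

// Hardened shape: every long option is canonicalised before the deny check, and
// anything that does not resolve to exactly one known option fails closed.
export function hardenedCheck(args: string[]): Verdict {
  let expectValue = false; // previous option takes its value as the next argument
  for (const arg of args) {
    if (expectValue) {
      expectValue = false; // consume the value; never interpret it as an option
      continue;
    }
    if (arg === "--") break; // everything after "--" is an operand
    if (!arg.startsWith("--")) continue; // operands and short options: out of scope here
    const raw = optionName(arg);
    const canonical = resolveLongOption(raw);
    if (canonical === null) {
      return { allowed: false, reason: `unknown or ambiguous long option ${raw}` };
    }
    if (DENIED_LONG_OPTIONS.has(canonical)) {
      return { allowed: false, reason: `denied flag ${canonical} (written as ${raw})` };
    }
    if (!arg.includes("=") && SORT_LONG_OPTIONS[canonical] === "required") {
      expectValue = true;
    }
  }
  return { allowed: true, reason: "every long option resolved to an allowed flag" };
}
```

With the deny list above, vulnerableCheck lets both `--out /tmp/x` and `--outp=/tmp/x` through even though GNU sort executes them as `--output`; hardenedCheck rejects both, rejects `--r` because it could be `--reverse`, `--random-sort` or `--random-source`, and still accepts harmless abbreviations such as `--rev --uniq`. Short options (`-o file`) are a separate path that a real validator also has to cover; the example stays on the long-option handling the advisory describes.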

Fix: available in OpenClaw 2026.2.23 and later.

Weakness Enumeration

Incomplete List of Disallowed Inputs (CWE-184)
Incorrect Authorization (CWE-863)

Related Identifiers

CVE-2026-32059
GHSA-3C6H-G97W-FG78
GHSA-7977-C43C-XPWJ

Affected Products

Openclaw