PT-2026-25419 — Incomplete List of Disallowed Inputs in Npm Openclaw

PT-2026-25419 · Npm · Openclaw

Published

2026-03-03

Updated

2026-03-03

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

Summary

OpenClaw exec allowlist/safeBins policy could be bypassed with attached short-option payloads (for example sort -o/tmp/poc), enabling file-write operations while still satisfying safeBins checks.

Affected Packages / Versions

Package: openclaw (npm)
Affected versions: <= 2026.2.17
Latest published vulnerable version: 2026.2.17
Patched in: 2026.2.19

Impact

When tools.exec.security=allowlist and tools.exec.safeBins included affected binaries, attached short-option payloads could bypass safeBins argument validation and permit file-write behavior that should have been denied.

Fix Commit(s)

cfe8457a0f4aae5324daec261d3b0aad1461a4bc
bafdbb6f112409a65decd3d4e7350fbd637c7754
fec48a5006eab37c6a5821726ccaeec886486b13

OpenClaw thanks @FailButWin and @Redgrave961 for reporting.

Fix

Incomplete List of Disallowed Inputs

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-184

Related Identifiers

GHSA-3X3X-H76W-HP98

Affected Products

Openclaw