PT-2026-25455 · Npm · Openclaw

Published: 2026-03-03 · Updated: 2026-03-03

CVSS v4.0: 5.1 (Medium)

Vector: AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Summary

On Windows, the Lobster extension previously retried certain spawn failures (ENOENT/EINVAL) with shell: true for compatibility with .cmd/.bat wrappers. In that fallback path, the tool-provided arguments were re-parsed by cmd.exe, so a fallback-triggering failure let argument contents be interpreted as shell syntax rather than passed literally.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published version at triage: 2026.2.17
  • Affected range: >= 2026.1.21 <= 2026.2.17
  • Patched version: 2026.2.19 (pre-set for next release)

Fix

The Windows shell fallback was removed. Wrapper compatibility is preserved by resolving .cmd/.bat shims to a concrete Node entrypoint (or executable) and executing with explicit argv (no shell). If a safe entrypoint cannot be resolved, execution now fails closed with a guided error.

Fix Commit(s)

  • ba7be018da354ea9f803ed356d20464df0437916

Severity Context

This issue requires Windows plus fallback-triggering conditions, and argument control through a local operator-defined workflow.
OpenClaw thanks @tdjackey for reporting.

Weakness Enumeration

  • OS Command Injection

Related Identifiers

  • GHSA-FG3M-VHRR-8GJ6

Affected Products

  • Openclaw