PT-2026-25490 · Npm · Openclaw

Published: 2026-03-03 · Updated: 2026-03-03

CVSS v3.1: 6.4 (Medium)

Vector: AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
When sort is explicitly added to tools.exec.safeBins (it is not in the default list), sort's --compress-program option invokes an external program, so an approved sort invocation can run an arbitrary helper and bypass the approval constraints the safe-bin allowlist is intended to enforce in allowlist mode.
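The bypass above comes down to an allowlist that checks only the program name while one of that program's options names another executable to run. The following is an added, illustrative argv check written for this advisory; it is not OpenClaw's code and does not reproduce the fix commit. Function names, the constructed argv, and the helper path are assumptions. Two details matter for a real check: GNU getopt accepts any unambiguous prefix of a long option, so `--compress-program`, `--compress` and `--co` all select the same option, and GNU sort only runs the compress program when it spills to temporary files, which a tiny `-S` buffer forces.

```javascript
// Added example: safe-bin approval for `sort`, vulnerable form beside a
// hardened form. Illustrative only; names and sample argv are assumptions.

// Long options of GNU sort that cause it to execute another program.
const SORT_EXEC_OPTIONS = ["--compress-program"];

// Strip a "=value" suffix so "--compress-program=gzip" compares as the name.
function optionName(arg) {
  const eq = arg.indexOf("=");
  return eq === -1 ? arg : arg.slice(0, eq);
}

// True when `arg` selects an exec-capable option, including getopt-style
// abbreviations. "--co" is the shortest prefix unique to --compress-program
// ("--ch" would select --check), so anything shorter is not treated as a match.
function isSortExecOption(arg) {
  if (!arg.startsWith("--")) return false;
  const name = optionName(arg);
  return SORT_EXEC_OPTIONS.some((opt) => name.length >= 4 && opt.startsWith(name));
}

// Vulnerable check: approves any command whose program is in safeBins,
// regardless of the options that follow it.
function approveVulnerable(argv, safeBins) {
  return safeBins.includes(argv[0]);
}

// Hardened check: same allowlist, but a `sort` invocation is refused when any
// argument before "--" selects an option that spawns a helper. Everything
// after "--" is an operand (a file name), never an option.
function approveHardened(argv, safeBins) {
  const [bin, ...args] = argv;
  if (!safeBins.includes(bin)) return false;
  if (bin === "sort") {
    for (const a of args) {
      if (a === "--") break;
      if (isSortExecOption(a)) return false;
    }
  }
  return true;
}

// Constructed sample: sort is allowlisted, the buffer is forced to 1 byte so
// sort spills to temp files, and the "compressor" is an attacker-chosen path.
const safeBins = ["sort"];
const sampleArgv = ["sort", "-S", "1", "--compress-program=/tmp/helper", "big.txt"];

console.log("vulnerable approves:", approveVulnerable(sampleArgv, safeBins)); // true
console.log("hardened approves:", approveHardened(sampleArgv, safeBins));     // false
console.log("abbreviated --co:", approveHardened(["sort", "--co", "/tmp/helper", "f"], safeBins)); // false
console.log("plain sort:", approveHardened(["sort", "-k", "2", "f"], safeBins)); // true
```

The hardened form is deliberately a deny-list of exec-capable options for one binary; a general safe-bin mechanism should treat any tool that can run or spawn a program as unsafe to allowlist rather than enumerate its dangerous flags, since abbreviations and future options are easy to miss.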

Affected Packages / Versions

  • Package: openclaw (npm)
  • Vulnerable versions: <=2026.2.21-2
  • Latest published npm version checked during triage: 2026.2.21-2 (as of February 22, 2026)
  • Patched in planned next release: 2026.2.22

Fix Commit(s)

  • 57fbbaebca4d34d17549accf6092ae26eb7b605c

Release Process Note

The patched-versions field is pre-set to the planned next release (>=2026.2.22). Once that npm release is published, the advisory can be published directly.
OpenClaw thanks @tdjackey for reporting.

Fix

Upgrade openclaw to 2026.2.22 or later (fix commit listed above). Until then, do not add sort to tools.exec.safeBins; it is not in the default list.

Weakness Enumeration

OS Command Injection

Related Identifiers

GHSA-VMQR-RC7X-3446

Affected Products

Openclaw