PT-2026-26019 · Openclaw · Openclaw

Tdjackey · Published 2026-02-26 · Updated 2026-03-18 · CVE-2026-27545

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.26

Description: OpenClaw is susceptible to an approval bypass in the system.run execution path. For host=node executions, the approval context is bound to the current working directory (cwd) as it appears at approval time. If a parent component of that cwd is a symlink the attacker can write to, the attacker can rebind it between the approval and execution phases: the visible cwd string is unchanged, but the path now resolves to a different filesystem location, so a command approved for one location is executed from another. This is a time-of-check to time-of-use (TOCTOU) condition on the cwd. The vulnerable function is system.run.

Recommendations: OpenClaw versions prior to 2026.2.26 should be updated to version 2026.2.26 or later.
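As an added illustration (not OpenClaw's code and not its actual fix), the following Python sketch shows a defensive check against the race described above: the approval is anchored to the resolved real path and the directory's device/inode identity rather than to the cwd string, and is re-verified immediately before execution, so a parent symlink rebound after approval is detected. The function names, the directory layout and the approval record format are constructed for the example.

```python
import os
import shutil
import tempfile


def approve(cwd: str) -> dict:
    """Record an approval for cwd, anchored to what the path resolves to now
    (real path plus st_dev/st_ino of the directory actually reached), not to
    the string the user sees."""
    st = os.stat(cwd)  # follows symlinks to the directory really reached
    return {"cwd": cwd, "realpath": os.path.realpath(cwd),
            "ident": (st.st_dev, st.st_ino)}


def check_before_exec(approval: dict) -> bool:
    """Re-resolve the approved cwd at execution time; refuse if the same
    string now names a different directory (the TOCTOU window)."""
    try:
        st = os.stat(approval["cwd"])
    except FileNotFoundError:
        return False
    return (os.path.realpath(approval["cwd"]) == approval["realpath"]
            and (st.st_dev, st.st_ino) == approval["ident"])


def demo() -> tuple:
    """Constructed layout: base/link -> base/real_a, cwd = base/link/work.
    Returns (check result before rebinding, check result after rebinding)."""
    base = tempfile.mkdtemp()
    try:
        os.makedirs(os.path.join(base, "real_a", "work"))
        os.makedirs(os.path.join(base, "real_b", "work"))
        os.symlink(os.path.join(base, "real_a"), os.path.join(base, "link"))
        cwd = os.path.join(base, "link", "work")
        approval = approve(cwd)
        ok_before = check_before_exec(approval)
        # Simulate the race: the parent symlink is rebound while the cwd
        # string stays byte-for-byte identical.
        os.unlink(os.path.join(base, "link"))
        os.symlink(os.path.join(base, "real_b"), os.path.join(base, "link"))
        ok_after = check_before_exec(approval)
        return ok_before, ok_after
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    print(demo())  # (True, False): execution would be refused after the rebind
```

A stronger variant keeps an O_DIRECTORY file descriptor opened at approval time and executes relative to that descriptor, which removes the string path from the execution step entirely.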

Fix

Weakness Enumeration

Link Following

Time Of Check To Time Of Use

Related Identifiers

BDU:2026-05240
CVE-2026-27545
GHSA-F7WW-2725-QVW2

Affected Products

Openclaw