PT-2026-26222 · Openclaw · Openclaw

Tdjackey · Published 2026-02-22 · Updated 2026-03-21 · CVE-2026-27566

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.22

Description: The system.run exec analysis in OpenClaw fails to fully unwrap env and shell-dispatch wrapper chains, resulting in an allowlist bypass. This allows wrapper-smuggled payloads, such as "env bash -lc ...", to satisfy allowlist entries for the wrapper while executing non-allowlisted commands. An attacker who can trigger system.run requests under an allowlist policy could bypass intended allowlist restrictions by routing execution through wrapper binaries.

Recommendations: Update OpenClaw to version 2026.2.22 or later.
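A resolver of the kind this class of bug calls for, added here as an example and not OpenClaw's own code: it peels "env" and shell "-c" layers so the allowlist is applied to the command that actually runs, and denies anything it cannot reduce to one plain command (the shell set, the accepted env options and the function names are assumptions).

```typescript
// Added example, not OpenClaw's code: resolve what a wrapper chain really runs
// before consulting the allowlist; fail closed whenever unsure.
const SHELLS = new Set(["sh", "bash", "dash", "zsh"]); // assumed shell set
const base = (p: string): string => p.slice(p.lastIndexOf("/") + 1);
// Split a `sh -c` string into words; null if it holds control operators,
// expansions or unbalanced quotes, i.e. it is not one simple command.
function splitShellWords(s: string): string[] | null {
  const words: string[] = [];
  let cur = "", quote: string | null = null, inWord = false;
  for (let k = 0; k < s.length; k++) {
    const ch = s[k];
    if (quote) {
      if (ch === quote) quote = null;
      else if (quote === '"' && (ch === "$" || ch === "`")) return null;
      else cur += ch;
    } else if (ch === "'" || ch === '"') { quote = ch; inWord = true; }
    else if (/\s/.test(ch)) { if (inWord) { words.push(cur); cur = ""; inWord = false; } }
    else if (";&|<>()`$".includes(ch)) return null;
    else { cur += ch; inWord = true; }
  }
  if (quote) return null;
  if (inWord) words.push(cur);
  return words;
}
// Peel `env [-i] [NAME=value ...]` and `<shell> [-l] -c "<cmd>"` layers.
// Returns the innermost argv, or null if a layer cannot be unwrapped safely.
export function effectiveCommand(argv: string[]): string[] | null {
  let args = argv;
  for (let depth = 0; depth < 8 && args.length > 0; depth++) {
    const cmd = base(args[0]);
    let i = 1;
    if (cmd === "env") {
      while (i < args.length && (args[i] === "-i" || /^[A-Za-z_]\w*=/.test(args[i]))) i++;
      if (i < args.length && args[i].startsWith("-")) return null; // unknown env option
      args = args.slice(i);
    } else if (SHELLS.has(cmd)) {
      while (i < args.length && /^-[a-z]+$/.test(args[i]) && !args[i].includes("c")) i++;
      if (i + 1 >= args.length || !/^-[a-z]*c$/.test(args[i])) return null; // no -c we understand
      const inner = splitShellWords(args[i + 1]);
      if (!inner || inner.length === 0) return null;
      args = inner;
    } else {
      return args; // reached a non-wrapper command: this is what runs
    }
  }
  return null; // empty argv or wrapper chain too deep
}
export function isAllowed(argv: string[], allowlist: Set<string>): boolean {
  const resolved = effectiveCommand(argv);
  return resolved !== null && allowlist.has(base(resolved[0]));
}
```

With an allowlist containing env, bash and ls, the chain "env bash -lc 'curl ...'" is denied because the resolved command is curl, while "env FOO=1 ls -la" is still allowed.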

Fix

Weakness Enumeration

OS Command Injection
Incorrect Authorization

Related Identifiers

BDU:2026-05025
CVE-2026-27566
GHSA-3846-MFVC-XWPF
GHSA-JJ82-76V6-933R

Affected Products

Openclaw