PT-2026-26391 · Openclaw · Openclaw

Tdjackey · Published 2026-03-03 · Updated 2026-03-20 · CVE-2026-32009

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.24
Description: OpenClaw versions prior to 2026.2.24 contain a policy bypass in the safeBins allowlist evaluation. The system trusts a static set of default directories, including writable package-manager paths such as /opt/homebrew/bin and /usr/local/bin. An attacker who can write to one of these trusted directories can place a malicious binary with the same name as an allowed executable, leading to arbitrary command execution within the OpenClaw runtime context. The issue has two causes: the default set of safe-bin trusted directories includes package-manager paths, and the trust decision for a resolved executable path is based solely on which directory it resides in. The safeBins policy bypass can therefore lead to command execution.
Recommendations: OpenClaw versions prior to 2026.2.24 should restrict the default safe-bin trusted directories to immutable system paths (/bin, /usr/bin) and require explicit operator opt-in for package-manager paths via tools.exec.safeBinTrustedDirs.
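The directory-membership trust decision described above, next to the recommended hardening, modelled as an added Python example (not OpenClaw's own code). The filesystem snapshot, the allowlisted names and the config shape under tools.exec.safeBinTrustedDirs are constructed assumptions for the illustration.

```python
import posixpath
import stat
from dataclasses import dataclass

# Pre-2026.2.24 default from the advisory: package-manager paths trusted next to system dirs.
WEAK_DEFAULT_DIRS = ("/bin", "/usr/bin", "/usr/local/bin", "/opt/homebrew/bin")
# Hardened default from the recommendations: immutable system paths only.
HARDENED_DEFAULT_DIRS = ("/bin", "/usr/bin")

@dataclass(frozen=True)
class DirInfo:
    owner_uid: int
    mode: int  # permission bits only

# Constructed snapshot (sample data, not a real host): the Homebrew prefix is owned
# by the login user (uid 501) and /usr/local/bin is group-writable.
SAMPLE_FS = {
    "/bin": DirInfo(owner_uid=0, mode=0o755),
    "/usr/bin": DirInfo(owner_uid=0, mode=0o755),
    "/usr/local/bin": DirInfo(owner_uid=0, mode=0o775),
    "/opt/homebrew/bin": DirInfo(owner_uid=501, mode=0o755),
}

def trusted_dirs_from_config(config):
    """Immutable defaults plus operator opt-ins from tools.exec.safeBinTrustedDirs."""
    extra = config.get("tools", {}).get("exec", {}).get("safeBinTrustedDirs", [])
    return HARDENED_DEFAULT_DIRS + tuple(extra)

def dir_is_immutable_for(dir_path, fs, caller_uid):
    """A trusted directory must not be writable by the (unprivileged) runtime user."""
    info = fs.get(dir_path)
    if info is None or (caller_uid != 0 and info.owner_uid == caller_uid):
        return False  # unknown directory, or owned by the caller: never trust
    return not (info.mode & (stat.S_IWGRP | stat.S_IWOTH))

def membership_only_decision(resolved_exe, trusted_dirs):
    """The flawed check: trust follows purely from the directory of the resolved path."""
    return posixpath.dirname(posixpath.normpath(resolved_exe)) in trusted_dirs

def hardened_decision(resolved_exe, allowed_names, trusted_dirs, fs, caller_uid):
    """Allowlisted name, trusted dir, immutable dir (real code would realpath() first)."""
    directory, name = posixpath.split(posixpath.normpath(resolved_exe))
    return (name in allowed_names and directory in trusted_dirs
            and dir_is_immutable_for(directory, fs, caller_uid))

def evaluate(resolved_exe, config=None, caller_uid=501):
    """Return (weak_verdict, hardened_verdict) for one resolved executable path."""
    weak = membership_only_decision(resolved_exe, WEAK_DEFAULT_DIRS)
    dirs = trusted_dirs_from_config(config or {})
    return weak, hardened_decision(resolved_exe, {"ls", "cat"}, dirs, SAMPLE_FS, caller_uid)
```

Even with an operator opt-in, the hardened check still refuses a directory the runtime user owns or that is group/other-writable, which is the property the weak membership-only check never verified.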

Fix

Weakness Enumeration

Untrusted Search Path

Related Identifiers

CVE-2026-32009
GHSA-5GJ7-JF77-Q2Q2

Affected Products

Openclaw