PT-2026-26392 · Openclaw+1

Tdjackey · Published 2026-03-03 · Updated 2026-03-20

CVE-2026-32010
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.22

Description: OpenClaw, when configured with sort manually added to tools.exec.safeBins, contains an allowlist bypass. The issue occurs in the safe-bin configuration when operating in allowlist mode with ask=on-miss enabled. An attacker can pass the --compress-program flag to the sort command to execute arbitrary external programs without the required operator approval: the sort safe-bin profile accepts the --compress-program flag as a valid value, potentially satisfying the allowlist check and bypassing the approval prompt. Only non-default configurations in which sort is explicitly included in tools.exec.safeBins are affected. The vulnerable component is sort when invoked with the --compress-program flag; no specific API endpoint is identified. The relevant configuration key is tools.exec.safeBins.

Recommendations: Update versions prior to 2026.2.22 to version 2026.2.22 or later. Block the --compress-program flag in the safe-bin sort policy, and add unit and end-to-end regression coverage for the denial of sort --compress-program in safe-bin mode.
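The recommended policy change, sketched as an added illustration (hypothetical code, not OpenClaw's own): an exact-spelling allowlist of sort options, so that --compress-program and any other unlisted option is denied, together with the regression cases the advisory asks for. The option set in SORT_POLICY and the function name are assumptions.

```python
"""Illustrative safe-bin policy check for `sort` (hypothetical code, not OpenClaw's own).
Models the recommended fix: admit only a fixed set of sort options, so that
--compress-program, or any option the policy does not name, is denied instead
of being accepted as a valid value."""

# Allowlisted options; True means the option takes a value (inline or next token).
# Compare exact spellings: GNU getopt accepts unambiguous abbreviations of long
# options, so denying one named option is an incomplete list of disallowed inputs.
SORT_POLICY = {
    "-r": False, "--reverse": False,
    "-n": False, "--numeric-sort": False,
    "-u": False, "--unique": False,
    "-f": False, "--ignore-case": False,
    "-s": False, "--stable": False,
    "-k": True, "--key": True,
    "-t": True, "--field-separator": True,
}


def check_sort_argv(argv):
    """Return (allowed, reason) for a `sort` argv whose argv[0] is the binary."""
    if not argv or argv[0].rsplit("/", 1)[-1] != "sort":
        return False, "not a sort invocation"
    i = 1
    while i < len(argv):
        tok = argv[i]
        if tok == "--":  # end of options; everything after is a file operand
            break
        if tok.startswith("--"):
            name, has_inline, _ = tok.partition("=")
            if name not in SORT_POLICY:
                return False, f"option not in allowlist: {name}"
            if SORT_POLICY[name] and not has_inline:
                i += 1  # the option's value is the next token
        elif tok.startswith("-") and tok != "-":  # a lone "-" means stdin
            # Short options may be bundled (-rn) or carry an attached value (-k2,2).
            for pos, ch in enumerate(tok[1:], start=2):
                opt = "-" + ch
                if opt not in SORT_POLICY:
                    return False, f"option not in allowlist: {opt}"
                if SORT_POLICY[opt]:
                    if pos == len(tok):
                        i += 1  # value is the next token
                    break  # the rest of this token is the value
        i += 1
    return True, "all options allowlisted"
```

Because unlisted options are rejected regardless of spelling, the check also denies abbreviated forms and the space-separated form of the flag, both of which a single-string deny-list would miss.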

Fix

Weakness Enumeration
OS Command Injection
Incomplete List of Disallowed Inputs

Related Identifiers
CVE-2026-32010
GHSA-4GC7-QCVF-38WG

Affected Products
Openclaw
Sort