PT-2026-26397 · Openclaw · Openclaw

Tdjackey · Published 2026-03-03 · Updated 2026-03-20 · CVE-2026-32016

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.22
Description: The exec-approval allowlist mode of the macOS node-host contains a path validation bypass. An allowlist entry consisting only of a basename (for example, echo) was matched against the basename of the requested binary rather than its resolved path. With security=allowlist and ask=on-miss configured, a local attacker can therefore place a binary with the same name in a directory they control and execute it (for example, ./echo) without triggering the approval prompt, bypassing the intended path-based policy restrictions.
Recommendations: Update to OpenClaw 2026.2.22 or later. The fix enforces path-only allowlist matching on the macOS node-host and removes the basename fallback; legacy basename allowlist entries are migrated to their last-resolved paths where such a path is recorded, and UI/store validation now rejects non-path allowlist patterns. After upgrading, review the allowlist for legacy basename entries that had no recorded last-resolved path to migrate to and re-add them as full paths, since a bare basename no longer matches anything.
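The following is an added example written for this page; it is not OpenClaw's own code. It models the basename-fallback matching described above beside the path-only matching, store validation and basename-to-path migration described in the fix. Every name in it (ExecRequest, decideVulnerable, decideFixed, rejectedEntries, migrateAllowlist, the FS_EXECUTABLES list and PATH_DIRS) is hypothetical, and the filesystem it resolves against is a constructed list containing /bin/echo and an attacker-controlled /tmp/attacker/echo.

```typescript
// Added example (not OpenClaw code): exec-approval allowlist matching
// before and after the fix. Names and the filesystem are hypothetical.

type Decision = "allow" | "ask";

interface ExecRequest {
  command: string; // as submitted, e.g. "echo" or "./echo"
  cwd: string;     // working directory of the request
}

// Constructed stand-in for the macOS filesystem: the executables that exist.
const FS_EXECUTABLES: string[] = [
  "/bin/echo",
  "/tmp/attacker/echo", // attacker-controlled binary with the same basename
];
const PATH_DIRS: string[] = ["/usr/bin", "/bin"];

function posixBasename(p: string): string {
  const i = p.lastIndexOf("/");
  return i < 0 ? p : p.slice(i + 1);
}

// Collapse "." and ".." segments of an absolute POSIX path.
function normalizeAbsolute(p: string): string {
  const out: string[] = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return "/" + out.join("/");
}

// Resolve a command to an absolute path the way a shell would: anything
// containing "/" is taken relative to cwd, otherwise PATH is searched.
function resolveExecutable(req: ExecRequest): string | null {
  if (req.command.indexOf("/") >= 0) {
    const abs = req.command.charAt(0) === "/" ? req.command : req.cwd + "/" + req.command;
    const norm = normalizeAbsolute(abs);
    return FS_EXECUTABLES.indexOf(norm) >= 0 ? norm : null;
  }
  for (const dir of PATH_DIRS) {
    const candidate = dir + "/" + req.command;
    if (FS_EXECUTABLES.indexOf(candidate) >= 0) return candidate;
  }
  return null;
}

// An allowlist entry counts as a path pattern only if it is absolute and
// already normalized (no "." or ".." segments, no trailing slash).
function isPathPattern(entry: string): boolean {
  return entry.charAt(0) === "/" && normalizeAbsolute(entry) === entry;
}

// Vulnerable behaviour: an entry without "/" is matched on the basename of
// the resolved binary, so "./echo" run from /tmp/attacker satisfies "echo".
function decideVulnerable(allowlist: string[], req: ExecRequest): Decision {
  const resolved = resolveExecutable(req);
  if (resolved === null) return "ask";
  for (const entry of allowlist) {
    if (entry.indexOf("/") >= 0) {
      if (entry === resolved) return "allow";
    } else if (posixBasename(resolved) === entry) {
      return "allow"; // basename fallback: the bypass
    }
  }
  return "ask"; // ask=on-miss: anything unmatched goes to the approval prompt
}

// Fixed behaviour: only path patterns are consulted, compared exactly against
// the resolved absolute path; a bare basename can never match.
function decideFixed(allowlist: string[], req: ExecRequest): Decision {
  const resolved = resolveExecutable(req);
  if (resolved === null) return "ask";
  return allowlist.some((e) => isPathPattern(e) && e === resolved) ? "allow" : "ask";
}

// Store/UI validation after the fix: returns the entries that must be rejected.
function rejectedEntries(entries: string[]): string[] {
  return entries.filter((e) => !isPathPattern(e));
}

// Migration of legacy basename entries: rewrite each to the path it last
// resolved to when one was recorded; otherwise drop it, so its next use falls
// through to the approval prompt instead of being silently allowed.
function migrateAllowlist(entries: string[], lastResolved: Record<string, string>): string[] {
  const migrated: string[] = [];
  for (const e of entries) {
    const target: string | undefined = isPathPattern(e) ? e : lastResolved[e];
    if (target !== undefined && isPathPattern(target) && migrated.indexOf(target) < 0) {
      migrated.push(target);
    }
  }
  return migrated;
}

// Worked scenario: a legacy allowlist holding the bare name "echo".
function scenario(): { before: Decision; after: Decision; migrated: string[]; legit: Decision } {
  const legacy = ["echo"];
  const attacker: ExecRequest = { command: "./echo", cwd: "/tmp/attacker" };
  const migrated = migrateAllowlist(legacy, { echo: "/bin/echo" });
  return {
    before: decideVulnerable(legacy, attacker), // "allow": the bypass
    after: decideFixed(legacy, attacker),       // "ask": basename entry ignored
    migrated,                                    // ["/bin/echo"]
    legit: decideFixed(migrated, { command: "echo", cwd: "/Users/alice" }), // "allow"
  };
}

console.log(scenario());
```

The migration keeps an entry only when a recorded last-resolved path exists and is itself a valid path pattern; an entry with no record is dropped rather than guessed, which is the conservative choice for an approval allowlist.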

Fix

Weakness Enumeration

Untrusted Search Path
Incorrect Authorization

Related Identifiers

CVE-2026-32016
GHSA-7F4Q-9RQH-X36P

Affected Products

Openclaw