PT-2026-28457 · Openclaw · Openclaw

Tdjackey · Published 2026-03-29 · Updated 2026-03-30 · CVE-2026-32978

CVSS v3.1: 8.0 High (AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)

Name of the Vulnerable Software and Affected Versions

OpenClaw versions prior to 2026.3.11

Description

The software contains an approval integrity issue where system.run approvals do not properly bind mutable file operands for specific script runners, including tsx and jiti. This allows attackers to gain approval for harmless script commands, modify the referenced scripts on disk, and then execute the altered code within the approved execution environment.

Recommendations

Update to version 2026.3.11 or later.
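
The following added example (not OpenClaw's code and not taken from the fix) sketches the general mitigation for the flaw described above: an approval pins each file operand to a content digest, and the digest is re-checked before execution. The functions `approve`, `verify` and `demo`, the record layout and the sample script are hypothetical.

```javascript
const crypto = require("node:crypto");
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Hypothetical approval record (not OpenClaw's API): the approved argv plus a
// SHA-256 of every file operand, taken when the reviewer approves the command.
const sha256 = (buf) => crypto.createHash("sha256").update(buf).digest("hex");

function approve(argv, fileOperands) {
  const pinned = fileOperands.map((p) => {
    const real = fs.realpathSync(p); // pin the resolved target, not a symlink
    return { path: real, digest: sha256(fs.readFileSync(real)) };
  });
  return { argv: [...argv], pinned };
}

// Re-check at execution time. Returns the verified bytes so the caller can run
// exactly what was hashed instead of re-reading the path afterwards.
function verify(approval, argv) {
  if (JSON.stringify(argv) !== JSON.stringify(approval.argv)) {
    return { ok: false, reason: "argv changed" };
  }
  const contents = [];
  for (const { path: p, digest } of approval.pinned) {
    let buf;
    try { buf = fs.readFileSync(p); } catch { return { ok: false, reason: "unreadable operand" }; }
    if (sha256(buf) !== digest) return { ok: false, reason: "content changed" };
    contents.push(buf);
  }
  return { ok: true, contents };
}

// Constructed demo: approve a harmless script, rewrite it, then re-verify.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "approval-"));
  const script = path.join(dir, "task.ts");
  fs.writeFileSync(script, 'console.log("hello");\n');
  const argv = ["tsx", script];
  const approval = approve(argv, [script]);
  const before = verify(approval, argv);
  fs.writeFileSync(script, 'console.log("changed after approval");\n');
  const after = verify(approval, argv);
  fs.rmSync(dir, { recursive: true, force: true });
  return { before: before.ok, after: after.ok, reason: after.reason };
}
```

This pins only the operands passed to `approve`; files that the script itself imports are just as mutable and would need the same treatment.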

Fix

Weakness Enumeration: Incorrect Authorization

Related Identifiers: CVE-2026-32978

Affected Products: Openclaw