PT-2026-37015 · Openclaw · Openclaw

Nullpointerexcepted · Published 2026-04-17 · Updated 2026-05-05 · CVE-2026-43530

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OpenClaw versions 2026.2.23 through 2026.4.11

Description

An issue exists in the execution of busybox and toybox applets where weakened exec approval binding allows attackers to obscure which applet is actually running. By exploiting opaque multi-call binaries (binaries that provide multiple tools within a single executable), attackers can bypass exec approval mechanisms and weaken the risk classification of unsafe applet invocations.

Recommendations

Update to version 2026.4.12 or newer.
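
The following added example (not OpenClaw's code or its fix) shows one way an exec-approval layer can bind both the approval and the risk classification to the applet that a busybox or toybox invocation actually runs, rather than to the multi-call binary alone. The function names, the `UNSAFE_APPLETS` table and the symlink layout are assumptions constructed for illustration.

```python
import os

MULTICALL = {"busybox", "toybox"}
# Constructed risk table for this example, not OpenClaw's own list.
UNSAFE_APPLETS = {"sh", "ash", "nc", "wget", "dd", "rm", "chmod", "mount"}


def resolve_applet(argv, realpath=os.path.realpath):
    """Return (binary_path, applet); applet is None when it cannot be named."""
    if not argv:
        raise ValueError("empty argv")
    target = realpath(argv[0])  # assumes argv[0] is already an absolute path
    invoked = os.path.basename(argv[0])
    if os.path.basename(target) not in MULTICALL:
        return target, invoked  # ordinary single-purpose binary
    if invoked not in MULTICALL:
        return target, invoked  # symlink form: /bin/wget -> /bin/busybox
    # Direct form: busybox <applet> [args...]; options such as --list stay opaque.
    if len(argv) > 1 and not argv[1].startswith("-"):
        return target, os.path.basename(argv[1])
    return target, None


def approval_key(argv, realpath=os.path.realpath):
    """Bind an approval to the binary and the applet, never the binary alone."""
    return resolve_applet(argv, realpath)


def classify(argv, realpath=os.path.realpath):
    """Risk follows the applet; an unresolved applet fails closed as high."""
    _, applet = resolve_applet(argv, realpath)
    return "high" if applet is None or applet in UNSAFE_APPLETS else "low"


# Constructed symlink layout so the example runs without touching the filesystem.
FAKE_LINKS = {"/bin/wget": "/bin/busybox", "/bin/ls": "/bin/busybox"}


def fake_realpath(path):
    return FAKE_LINKS.get(path, path)


if __name__ == "__main__":
    approved = {approval_key(["/bin/busybox", "ls", "-l"], fake_realpath)}
    for cmd in (["/bin/busybox", "ls", "/tmp"], ["/bin/busybox", "wget", "URL"],
                ["/bin/wget", "URL"], ["/bin/busybox", "--list"]):
        state = "approved" if approval_key(cmd, fake_realpath) in approved else "needs approval"
        print(cmd[:2], state, classify(cmd, fake_realpath))
```

An approval recorded for `busybox ls` matches the `/bin/ls` symlink form but not `busybox wget` or `/bin/wget`, and an invocation with no nameable applet is classified high.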

Fix

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-43530
GHSA-2CQ5-MF3V-MX44

Affected Products

Openclaw