CVE-2026-27545

MEDIUM EPSS 0.8%
Published Mar 18, 20263mo ago · Modified Jun 17, 20261w ago
6.9 CVSS 4.0
Medium
Find Similar
Published Mar 18, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

OpenClaw versions prior to 2026.2.26 contain an approval bypass vulnerability in system.run execution that allows attackers to execute commands from unintended filesystem locations by rebinding writable parent symlinks in the current working directory after approval. An attacker can modify mutable parent symlink path components between approval and execution time to redirect command execution to a different location while preserving the visible working directory string.

CVSS Details

Base Score
6.9
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
0.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-367

Affected Products 1

VendorProductVersionRange
openclawopenclaw* <2026.2.26

References 7

  • github.com https://github.com/openclaw/openclaw/commit/4b4718c8dfce2e2c48404aa5088af7c013bed60b
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/4e690e09c746408b5e27617a20cb3fdc5190dbda
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/78a7ff2d50fb3bcef351571cb5a0f21430a340c1
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/d06632ba45a8482192792c55d5ff0b2e21abb0a7
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/d82c042b09727a6148f3ca651b254c4a677aff26
    Patch
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-f7ww-2725-qvw2
    Vendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-approval-bypass-via-parent-symlink-current-working-directory-rebind
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/4b4718c8dfce2e2c48404aa5088af7c013bed60b
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/4e690e09c746408b5e27617a20cb3fdc5190dbda
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/78a7ff2d50fb3bcef351571cb5a0f21430a340c1
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/d06632ba45a8482192792c55d5ff0b2e21abb0a7
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/d82c042b09727a6148f3ca651b254c4a677aff26
    Patch