SB2026041788 - Multiple vulnerabilities in OpenClaw
Published: April 17, 2026 Updated: April 30, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 vulnerabilities.
1) OS Command Injection (CVE-ID: N/A)
CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to execute arbitrary commands.
The vulnerability exists due to improper neutralization of special elements used in an os command in exec preflight handling when processing shell-wrapper and argv-level environment assignment forms. A remote attacker can supply crafted environment assignment input to execute arbitrary commands.
High-risk shell environment controls such as SHELLOPTS and PS4 are implicated by the advisory.
2) Improper access control (CVE-ID: N/A)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to bypass approval authorization checks.
The vulnerability exists due to improper access control in helper-backed channel approval resolution when processing an empty resolved approver list. A remote user can resolve pending approvals using a known approval id to bypass approval authorization checks.
The issue affects senders outside the normal channel authorization gate.
3) Incorrect authorization (CVE-ID: N/A)
CWE-ID: CWE-863 - Incorrect Authorization
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to execute unintended busybox or toybox applets.
The vulnerability exists due to incorrect authorization in exec approval binding when handling execution of busybox or toybox multi-call binaries. A remote user can invoke a busybox or toybox command to execute unintended busybox or toybox applets.
Opaque multi-call binaries can obscure which applet or script-like behavior will actually run.
4) Server-Side Request Forgery (SSRF) (CVE-ID: N/A)
CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform server-side request forgery and cause fetched content to be re-uploaded through the channel.
The vulnerability exists due to insufficient request destination validation in QQBot reply media URL handling when processing reply media URLs as trusted media sources. A remote attacker can supply a crafted media URL to perform server-side request forgery and cause fetched content to be re-uploaded through the channel.
Remediation
Install update from vendor's website.
References
- https://github.com/openclaw/openclaw/security/advisories/GHSA-j6c7-3h5x-99g9
- https://github.com/advisories/GHSA-j6c7-3h5x-99g9
- https://github.com/openclaw/openclaw/security/advisories/GHSA-49cg-279w-m73x
- https://github.com/advisories/GHSA-49cg-279w-m73x
- https://github.com/openclaw/openclaw/security/advisories/GHSA-2cq5-mf3v-mx44
- https://github.com/openclaw/openclaw/security/advisories/GHSA-2767-2q9v-9326
- https://github.com/openclaw/openclaw/pull/63495