Untrusted search path in OpenClaw - #VU128801

Published: May 1, 2026


Vulnerability identifier: #VU128801
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-426
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenClaw
Software vendor: OpenClaw

Description

The vulnerability allows a remote user to execute commands.

The vulnerability exists due to an untrusted search path in tools.exec.safeBins when resolving safe-bin executables from PATH-derived directories in allowlist mode. A remote user can place a same-name binary in a trusted PATH directory to execute commands.

Exploitation requires that allowlist mode relies on safe bins and that the attacker can influence trusted binary locations.


Remediation

Install security update from vendor's website.

External links