Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

CVE

CVE-2026-32015

OpenClaw's `tools.exec.safeBins` PATH-hijack allowed trojan binaries to bypass allowlist checks
Back to all
CVE

CVE-2026-32015

OpenClaw's `tools.exec.safeBins` PATH-hijack allowed trojan binaries to bypass allowlist checks

Summary

tools.exec.safeBins allowlist checks could be bypassed by PATH-hijacked binaries, allowing execution of attacker-controlled trojan binaries under an allowlisted executable name.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published version at triage time: 2026.2.17
  • Affected range: >= 2026.1.21 < 2026.2.18
  • Patched version: 2026.2.19

Impact

In allowlist mode, safeBins validation previously accepted a resolved executable path based on executable name and argument shape, without enforcing trusted executable directories. If an attacker could influence process PATH resolution before gateway startup (or otherwise control the gateway launch environment), a trojan binary with an allowlisted name (for example jq) could be executed.

Severity Rationale

This issue is rated medium because exploitation requires an additional precondition: influencing the gateway process PATH / launch environment. Request-scoped PATH injection is blocked for host execution.

Fix

safeBins now requires the resolved executable path to come from trusted bin directories (system defaults plus gateway startup PATH), closing the bypass.

Fix Commit(s)

  • 28bac46c92069dc728524fbf383024c1b64e5c23

OpenClaw thanks @jackhax for reporting.

Package Versions Affected

Package Version
patch Availability
No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request

CVSS Version

Severity
Base Score
CVSS Version
Score Vector
C
H
U
7.3
-
4.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
C
H
U
0
-
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
C
H
U
7.8
-
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://github.com/openclaw/openclaw/security/advisories/GHSA-g75x-8qqm-2vxp, https://nvd.nist.gov/vuln/detail/CVE-2026-32015, https://github.com/openclaw/openclaw/commit/28bac46c92069dc728524fbf383024c1b64e5c23, https://github.com/openclaw/openclaw, https://www.vulncheck.com/advisories/openclaw-path-hijacking-bypass-in-tools-exec-safebins-allowlist-validation

Severity

7.8

CVSS Score
0
10

Basic Information

Ecosystem
Base CVSS
7.8
EPSS Probability
0.00015%
EPSS Percentile
0.03286%
Introduced Version
2026.1.21,2026.2.15,2026.2.13,2026.2.6-1,2026.2.2,2026.2.3-1,2026.1.29-beta.1,2026.1.27-beta.1
Fix Available
2026.2.19

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.
Fix Without Upgrading