CVE
CVE-2026-41390
OpenClaw has a gateway exec allowlist allow-always bypass via unregistered /usr/bin/script wrapper
Summary
Allow-always persistence did not unwrap /usr/bin/script and similar wrappers to the actual executed target before storing trust decisions.
Impact
A user approval for one wrapped command could persist trust for a wrapper binary that later executed a different underlying program.
Affected Component
src/infra/dispatch-wrapper-resolution.ts, src/infra/exec-wrapper-resolution.ts
Fixed Versions
- Affected:
<= 2026.3.24 - Patched:
>= 2026.3.28 - Latest stable
2026.3.28contains the fix.
Fix
Fixed by commit 83da3cfe31 (infra: unwrap script wrapper approval targets).
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
7
-
4.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
C
H
U
0
-
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
C
H
U
7.3
-
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Related Resources
No items found.
References
https://github.com/openclaw/openclaw/security/advisories/GHSA-6pfc-6m7w-m8fx, https://github.com/openclaw/openclaw/commit/83da3cfe31f016841e1deedda1a604696f4c488d, https://github.com/openclaw/openclaw, https://github.com/openclaw/openclaw/releases/tag/v2026.3.28
Basic Information
Ecosystem
