Duplicate Advisory: allowlist exec-guard bypass via env -S
High severity
GitHub Reviewed
Published
Mar 19, 2026
to the GitHub Advisory Database
•
Updated Mar 20, 2026
Withdrawn
This advisory was withdrawn on Mar 20, 2026
Description
Published by the National Vulnerability Database
Mar 19, 2026
Published to the GitHub Advisory Database
Mar 19, 2026
Reviewed
Mar 20, 2026
Withdrawn
Mar 20, 2026
Last updated
Mar 20, 2026
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-48wf-g7cp-gr3m. This link is maintained to preserve external references.
Original Description
OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowlisted, attackers can use env -S to bypass policy analysis and execute shell wrapper payloads at runtime.
References