GHSA-X3H8-JRGH-P8JX: Execution Allowlist Bypass in OpenClaw via Heredoc Parsing Discrepancies

DEV Community·CVE Reports·28 days ago

Vulnerability ID: GHSA-X3H8-JRGH-P8JX
CVSS Score: 5.5
Published: 2026-05-04

The OpenClaw NPM package contains a security bypass in its execution approval analyzer. The analyzer does not fully implement the POSIX shell expansion rules for unquoted heredoc bodies, so the command it inspects can differ from the command the shell actually runs. An attacker can use that gap to evade the command allowlist and exfiltrate secrets.

TL;DR: OpenClaw versions up to 2026.4.21 do not correctly handle POSIX line splicing (backslash-newline) and variable expansion in unquoted heredocs. Attackers can bypass the execution allowlist to exfiltrate sensitive environment variables.…
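The rules the advisory refers to are the POSIX heredoc semantics (XCU 2.7.4): when the delimiter word is unquoted, the body undergoes parameter expansion and command substitution and a backslash-newline pair is removed, joining the two lines; when any part of the delimiter is quoted, the body is taken literally. The Python below is an added example, not OpenClaw's code and not taken from the advisory; it models those rules and contrasts them with a line-oriented scan that skips splicing, which is the kind of discrepancy the advisory describes. The sensitive-variable list, the sample commands and the allow/deny verdict function are constructed for illustration.

```python
"""Added example: POSIX heredoc body semantics as an allowlist analyzer must model them.

Not OpenClaw's code and not from the advisory. SENSITIVE_VARS, the sample
commands and allowlist_check are constructed for illustration.
"""
import re

# Constructed list of names the hypothetical policy refuses to let a command read.
SENSITIVE_VARS = {"SECRET_TOKEN", "AWS_SECRET_ACCESS_KEY", "OPENAI_API_KEY"}

# First heredoc operator and its delimiter word: 'EOF', "EOF", \EOF or bare EOF.
HEREDOC_RE = re.compile(r"""<<-?\s*(?P<word>'[^']*'|"[^"]*"|\\?[A-Za-z_][A-Za-z0-9_]*)""")
# $NAME and ${NAME...} parameter expansions.
VAR_RE = re.compile(r"\$(?:\{([A-Za-z_][A-Za-z0-9_]*)[^}]*\}|([A-Za-z_][A-Za-z0-9_]*))")
# $( ... ) and backtick command substitution.
CMDSUB_RE = re.compile(r"\$\(|`")

# Constructed sample commands ("\\\n" in the Python literal is a backslash-newline pair).
SPLICED = "cat <<EOF\nkey=$SECRET_TO\\\nKEN\nEOF\n"      # shell joins lines: $SECRET_TOKEN
QUOTED = "cat <<'EOF'\nkey=$SECRET_TOKEN\nEOF\n"        # quoted delimiter: no expansion
ESCAPED = "cat <<EOF\nkey=\\$SECRET_TOKEN\nEOF\n"        # \$ is a literal dollar sign
BRACED = "cat <<EOF\nkey=${SECRET_TOKEN:-none}\nEOF\n"
CMDSUB = "cat <<EOF\n$(env)\nEOF\n"


def split_heredoc(script):
    """Return (delimiter, quoted, body) for the first heredoc in `script`.

    POSIX 2.7.4: if any part of the delimiter word is quoted, the body is taken
    literally; otherwise it is subject to expansion. `<<-` strips leading tabs.
    """
    m = HEREDOC_RE.search(script)
    if m is None:
        raise ValueError("no heredoc operator found")
    word = m.group("word")
    quoted = word[0] in "'\"\\"
    delim = word.strip("'\"") if word[0] in "'\"" else word.lstrip("\\")
    strip_tabs = script.startswith("<<-", m.start())
    first_nl = script.find("\n", m.end())
    if first_nl < 0:
        raise ValueError("heredoc body missing")
    body = []
    for line in script[first_nl + 1:].split("\n"):
        if strip_tabs:
            line = line.lstrip("\t")
        if line == delim:
            break
        body.append(line)
    else:
        raise ValueError("heredoc delimiter %r not found" % delim)
    return delim, quoted, "\n".join(body) + "\n"


def normalize_unquoted(body):
    """Apply the lexical rules of an unquoted heredoc body.

    The body behaves like double-quoted text (except that a double quote is not
    special): backslash-newline is removed, splicing the two lines; a backslash
    before backslash, dollar or backtick makes that character literal; any other
    backslash stays. Escaped dollar and backtick are replaced by U+0001 so the
    later expansion scan ignores them.
    """
    out, i, n = [], 0, len(body)
    while i < n:
        c = body[i]
        if c == "\\" and i + 1 < n:
            nxt = body[i + 1]
            if nxt == "\n":            # line continuation: both characters vanish
                i += 2
                continue
            if nxt in "\\$`":          # escaped metacharacter becomes literal
                out.append("\\" if nxt == "\\" else "\x01")
                i += 2
                continue
        out.append(c)
        i += 1
    return "".join(out)


def referenced_expansions(script):
    """Variables and command substitutions the shell would expand in the body."""
    _, quoted, body = split_heredoc(script)
    if quoted:
        return set(), False
    text = normalize_unquoted(body)
    names = {braced or bare for braced, bare in VAR_RE.findall(text)}
    return names, CMDSUB_RE.search(text) is not None


def naive_variable_names(script):
    """A line-oriented scan that skips splicing and escapes: it reports
    SECRET_TO for SPLICED and SECRET_TOKEN for ESCAPED, both wrong."""
    _, quoted, body = split_heredoc(script)
    return set() if quoted else {braced or bare for braced, bare in VAR_RE.findall(body)}


def allowlist_check(script):
    """Hypothetical verdict: deny a heredoc that can expand a sensitive variable
    or run a command substitution, since either copies data the policy wants to
    keep out of the command's input. Returns (verdict, sensitive names found)."""
    names, has_cmdsub = referenced_expansions(script)
    leaked = names & SENSITIVE_VARS
    return ("deny" if leaked or has_cmdsub else "allow"), leaked


if __name__ == "__main__":
    for label, cmd in [("spliced", SPLICED), ("quoted", QUOTED), ("escaped", ESCAPED),
                       ("braced", BRACED), ("cmdsub", CMDSUB)]:
        print(label, allowlist_check(cmd), "naive:", naive_variable_names(cmd))
```

The spliced sample is the case that matters for an allowlist: a scanner that reads the body line by line sees `$SECRET_TO` followed by a separate line `KEN` and never matches the sensitive name, while the shell removes the backslash-newline first and expands `$SECRET_TOKEN`. The escaped sample shows the opposite error (a false positive) from the same shortcut. Any analyzer that gates command execution has to reproduce the shell's own lexing of the body, including splicing, escapes and command substitution, before it can reason about what the command will read.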
