GHSA-xf99-j42q-5w5p
Suggest an improvement- Source
- https://github.com/advisories/GHSA-xf99-j42q-5w5p
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-xf99-j42q-5w5p/GHSA-xf99-j42q-5w5p.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-xf99-j42q-5w5p
- Aliases
-
- CVE-2026-32979
- Downstream
- Published
- 2026-03-13T15:47:41Z
- Modified
- 2026-04-06T22:51:39.079967Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity
- Details
-
Summary
In affected versions of
openclaw, node-hostsystem.runapprovals could still execute rewritten local code for interpreter and runtime commands when OpenClaw could not bind exactly one concrete local file operand during approval planning.Impact
Deployments using node-host
system.runapproval mode could approve a benign local script and then execute different local code if that script changed before execution. This can lead to unintended local code execution as the OpenClaw runtime user.Affected Packages and Versions
- Package:
openclaw(npm) - Affected versions:
<= 2026.3.8 - Fixed in:
2026.3.11
Technical Details
The approval flow treated some interpreter and runtime forms as approval-backed even when it could not honestly bind a single direct local script file. That left residual approval-integrity gaps for runtime forms outside the directly bound file set.
Fix
OpenClaw now fails closed for approval-backed interpreter and runtime commands unless it can bind exactly one concrete local file operand, and it extends best-effort direct-file binding for additional runtime forms. The fix shipped in
openclaw@2026.3.11.Workarounds
Upgrade to
2026.3.11or later. - Package:
- Database specific
{ "nvd_published_at": null, "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-367" ], "github_reviewed_at": "2026-03-13T15:47:41Z" }- References
-
- https://github.com/openclaw/openclaw/security/advisories/GHSA-xf99-j42q-5w5p
- https://nvd.nist.gov/vuln/detail/CVE-2026-32979
- https://github.com/openclaw/openclaw
- https://github.com/openclaw/openclaw/releases/tag/v2026.3.11
- https://www.vulncheck.com/advisories/openclaw-unbound-interpreter-and-runtime-commands-bypass-in-node-host-approval
Affected packages
npm / openclaw
Package
- Name
- openclaw
- View open source insights on deps.dev
- Purl
- pkg:npm/openclaw