CVE-2026-32010

Summary

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the –compress-program flag to execute arbitrary external programs without operator approval in allowlist mode with ask=on-miss enabled.

Affected Software

VendorProductVersion RangeStatus
OpenClawOpenClaw0 < 2026.2.22affected
OpenClawOpenClaw2026.2.22unaffected

Weaknesses

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References