top of page
perceptive_background_267k.jpg

OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers…

Published:

4 May 2026 at 22:00:00

Alert date:

5 May 2026 at 13:07:56

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems, Security Tools

OpenClaw versions 2026.2.23 before 2026.4.12 contain a vulnerability that allows attackers to bypass exec approval mechanisms through busybox and toybox applet execution. The flaw enables obscuring which applet would actually run by exploiting opaque multi-call binaries. This weakens risk classification of unsafe applet invocations and compromises security controls. The vulnerability affects the exec approval binding functionality specifically. Attackers can leverage this to execute unauthorized code while evading detection mechanisms.

Technical details

Mitigation steps:

Affected products:

OpenClaw

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-43530
https://github.com/openclaw/openclaw/commit/666f48d9b882a8a1415ca53f9567c72499d850c9
https://github.com/openclaw/openclaw/security/advisories/GHSA-2cq5-mf3v-mx44
https://www.vulncheck.com/advisories/openclaw-weakened-exec-approval-binding-via-busybox-and-toybox-applet-execution

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page