Perceptive Security
SOC/SIEM Consultancy

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper c…
Published:
18 March 2026 at 23:00:00
Alert date:
19 March 2026 at 03:02:30
Source:
nvd.nist.gov
Security Tools
OpenClaw versions prior to 2026.2.22 contain a critical allowlist bypass vulnerability in system.run exec analysis. The analysis fails to properly unwrap environment and shell-dispatch wrapper chains, so an attacker can route execution through wrapper binaries such as 'env bash': the outer wrapper satisfies an allowlist entry while the command it dispatches is not allowlisted. Because the allowlist is the control meant to restrict command execution, the flaw can lead to unauthorized code execution and system compromise.
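As an added illustration (not OpenClaw's code and not derived from the linked fix), the constructed Python check below contrasts an allowlist decision made on the outermost program name with one made after peeling `env` and `<shell> -c` wrapper chains, failing closed whenever the chain cannot be resolved statically. The allowlist, shell set and sample commands are made up for the example.

```python
import os
import shlex

ALLOWLIST = {"ls", "git", "env", "bash"}   # constructed operator allowlist
SHELLS = {"sh", "bash", "dash", "zsh"}
META = set(";|&`$()<>\n")                  # compound commands / expansions
ENV_PASSTHROUGH = ("-i", "-", "--ignore-environment")   # env flags with no value

def base(path):
    return os.path.basename(path)

def naive_allowed(command, allowlist=ALLOWLIST):
    """Weak check: looks only at the program named by the first token."""
    argv = shlex.split(command)
    return bool(argv) and base(argv[0]) in allowlist

def effective_argv(command):
    """Peel `env [VAR=v]... [-i] [-u NAME]` and `<shell> -c STRING` wrappers and
    return the argv that actually runs; None means unresolvable (fail closed)."""
    if META & set(command):
        return None                  # compound command or expansion
    try:
        argv = shlex.split(command)
    except ValueError:               # unbalanced quotes
        return None
    while argv:
        prog = base(argv[0])
        if prog == "env":
            i = 1
            while i < len(argv) and (argv[i].startswith("-") or "=" in argv[i]):
                if argv[i] in ("-u", "--unset"):
                    i += 1           # this flag consumes the next token
                elif argv[i].startswith("-") and argv[i] not in ENV_PASSTHROUGH:
                    return None      # -S and other flags: not modelled, deny
                i += 1
            argv = argv[i:]          # whatever env would exec
        elif prog in SHELLS:
            if len(argv) == 1:
                return argv          # bare shell: the allowlist decides on it
            if len(argv) == 3 and argv[1] == "-c":
                return effective_argv(argv[2])   # recurse into the dispatched string
            return None              # -lc, script path, extra args: deny
        else:
            return argv
    return None                      # wrapper with nothing left to run

def hardened_allowed(command, allowlist=ALLOWLIST):
    argv = effective_argv(command)
    return argv is not None and base(argv[0]) in allowlist
```

With `env` and `bash` allowlisted, `env bash -c 'id'` passes the naive check but resolves to `id` under the hardened one, while `env FOO=1 -i bash -c 'git status'` still resolves to the allowlisted `git`.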
Technical details
Mitigation steps:
Affected products:
OpenClaw
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-27566
https://github.com/openclaw/openclaw/commit/2b63592be57782c8946e521bc81286933f0f99c7
https://github.com/openclaw/openclaw/security/advisories/GHSA-jj82-76v6-933r
https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-wrapper-binary-unwrapping-in-system-run
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
