top of page
perceptive_background_267k.jpg

OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers…

Published:

4 mei 2026 om 22:00:00

Alert date:

5 mei 2026 om 20:13:49

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems, Security Tools

OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution. The vulnerability allows attackers to obscure which applet would actually run by exploiting opaque multi-call binaries. Attackers can bypass exec approval mechanisms and weaken risk classification of unsafe applet invocations. This affects the security controls designed to prevent execution of potentially dangerous applets. The vulnerability impacts OpenClaw's ability to properly validate and control applet execution in containerized environments.

Technical details

Mitigation steps:

Affected products:

OpenClaw

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-43530
https://github.com/openclaw/openclaw/commit/666f48d9b882a8a1415ca53f9567c72499d850c9
https://github.com/openclaw/openclaw/security/advisories/GHSA-2cq5-mf3v-mx44
https://www.vulncheck.com/advisories/openclaw-weakened-exec-approval-binding-via-busybox-and-toybox-applet-execution

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page