CVE-2026-22169

Severity: MEDIUM 6.4 | EPSS 0.04%

OpenClaw's non-default safeBins sort configuration can bypass intended allowlist approval constraints

Published: 2026/3/3  Modified: 2026/3/18

Description

When `sort` is explicitly added to `tools.exec.safeBins` (non-default), the `--compress-program` option can invoke an external helper and bypass the intended safe-bin approval constraints in allowlist mode.

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Vulnerable versions: `<=2026.2.21-2`
- Latest published npm version checked during triage: `2026.2.21-2` (as of February 22, 2026)
- Patched in planned next release: `2026.2.22`

## Fix Commit(s)

- `57fbbaebca4d34d17549accf6092ae26eb7b605c`

## Release Process Note

`patched_versions` is pre-set to the planned next release (`>=2026.2.22`). Once that npm release is published, the advisory can be published directly.

OpenClaw thanks @tdjackey for reporting.
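The bug class above, shown as an added example that is not OpenClaw's code: a hypothetical allowlist gate in its weak form (approval skipped because the binary name is allowlisted) beside a hardened form that still requires approval when an allowlisted `sort` is given a helper-spawning option. The option map and all sample inputs are constructed assumptions; only `--compress-program` comes from the advisory.

```javascript
// Hypothetical allowlist gate illustrating the CVE-2026-22169 bug class.
// This is not OpenClaw's code; the real safe-bin logic lives in the openclaw
// package and is fixed in commit 57fbbaebca4d34d17549accf6092ae26eb7b605c.

// Options that make an otherwise "safe" binary run a caller-chosen program.
// Only the option named in the advisory is listed; the map itself is an assumption.
const HELPER_SPAWNING_OPTIONS = {
  sort: ["--compress-program"],
};

const baseName = (p) => p.split("/").pop();

// Weak gate: approval is skipped purely because the binary name is allowlisted.
function needsApprovalWeak(safeBins, argv) {
  return argv.length === 0 || !safeBins.includes(baseName(argv[0]));
}

// Hardened gate: an allowlisted binary still needs approval when any argument
// is a helper-spawning option. Accepts "--opt=value" and "--opt value", and is
// deliberately conservative about GNU getopt_long's unambiguous-prefix
// abbreviations ("--compress=prog"): any "--" option whose name is a prefix of
// a dangerous option is treated as that option (false positives only cost a prompt).
function needsApprovalHardened(safeBins, argv) {
  if (argv.length === 0) return true;
  const bin = baseName(argv[0]);
  if (!safeBins.includes(bin)) return true;
  const dangerous = HELPER_SPAWNING_OPTIONS[bin] || [];
  for (const arg of argv.slice(1)) {
    if (arg === "--") break;             // operands only from here on
    if (!arg.startsWith("--")) continue; // short options are out of scope here
    const name = arg.split("=")[0];
    if (dangerous.some((opt) => opt.startsWith(name))) return true;
  }
  return false;
}

// Constructed sample inputs: the non-default configuration the advisory describes.
const SAFE_BINS = ["cat", "sort"];
const BENIGN = ["sort", "-u", "notes.txt"];
const HELPER_EQ = ["sort", "--compress-program=/tmp/helper", "notes.txt"];
const HELPER_SEP = ["/usr/bin/sort", "--compress-program", "/tmp/helper", "notes.txt"];
```

The weak gate lets `HELPER_EQ` through without approval; the hardened gate flags both helper spellings and the abbreviated form while still passing the benign invocation.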

Affected packages (1)

CVSS score

| Source | Version | Severity | Vector |
| --- | --- | --- | --- |
| osv | CVSS 3.1 | MEDIUM 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |

References (3)