CVE-2026-32043

EPSS 0.01%

OpenClaw's system.run approval TOCTOU via mutable symlink cwd target on node host

Published: 2026/3/3 Modified: 2026/3/30

Description

### Summary

In `[email protected]`, approval-bound `system.run` on node hosts could be influenced by mutable symlink `cwd` targets between approval and execution.

### Details

Approval matching on the gateway validated command/argv and binding fields, including `cwd`, as provided text. Node execution later used runtime `cwd` resolution. A symlinked `cwd` could therefore be retargeted after approval and before spawn.

OpenClaw's trust model does not treat one shared gateway as a multi-tenant adversarial boundary, but approval integrity is still a security boundary for operator-reviewed command execution.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected: `<= 2026.2.24`
- Patched: `>= 2026.2.25`

### Fix Commit(s)

- `f789f880c934caa8be25b38832f27f90f37903db`

### Remediation

The fix adds defense-in-depth hardening for approval-bound node execution:

- reject symlink `cwd` paths for approval-bound `system.run`
- canonicalize path-like executable argv before spawn
- bind CLI approval requests to exact `commandArgv`

### Release Process Note

Patched version is pre-set to the release (`2026.2.25`). Advisory published with npm release `2026.2.25`.

OpenClaw thanks @tdjackey for reporting.

Affected packages (1)

CVSS score

| Source | Version | Severity | Vector |
| --- | --- | --- | --- |
| osv | CVSS 4.0 | | CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N |

References (5)