CVE-2026-41390

HIGH7.3EPSS 0.03%

OpenClaw has a gateway exec allowlist allow-always bypass via unregistered /usr/bin/script wrapper

發布日:2026/3/31修改日:2026/4/28

描述

## Summary Allow-always persistence did not unwrap `/usr/bin/script` and similar wrappers to the actual executed target before storing trust decisions. ## Impact A user approval for one wrapped command could persist trust for a wrapper binary that later executed a different underlying program. ## Affected Component `src/infra/dispatch-wrapper-resolution.ts, src/infra/exec-wrapper-resolution.ts` ## Fixed Versions - Affected: `<= 2026.3.24` - Patched: `>= 2026.3.28` - Latest stable `2026.3.28` contains the fix. ## Fix Fixed by commit `83da3cfe31` (`infra: unwrap script wrapper approval targets`).

受影響套件(1)

npm/openclawfrom 0, < 2026.3.28

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.3	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

參考連結(4)

PATCHhttps://github.com/openclaw/openclaw
WEBhttps://github.com/openclaw/openclaw/commit/83da3cfe31f016841e1deedda1a604696f4c488d
WEBhttps://github.com/openclaw/openclaw/releases/tag/v2026.3.28
WEBhttps://github.com/openclaw/openclaw/security/advisories/GHSA-6pfc-6m7w-m8fx