CVE-2026-41392

描述

## Summary Before OpenClaw 2026.3.31, exec allowlist matching could treat shell init-file wrapper invocations as if the approved script itself were being executed. Shell options such as `--rcfile`, `--init-file`, and `--startup-file` could therefore inherit allowlist trust from a matched script path even though the shell loaded attacker-chosen initialization first. ## Impact This issue only applied when exec allowlist or allow-always behavior was enabled and the attacker could steer a shell-wrapper command shape that used init-file options. The result was a narrower allowlist bypass, not generic arbitrary command execution from an untrusted boundary. ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.3.31` - Patched versions: `>= 2026.3.31` - Latest published npm version: `2026.4.1` ## Fix Commit(s) - `0c8375424620e12777ef24c162eedc7e9fcfd7e3` — reject shell init-file script matches ## Release Process Note The fix shipped in OpenClaw `2026.3.31` on March 31, 2026. The current published npm release `2026.4.1` from April 1, 2026 also contains the fix. Thanks @cyjhhh for reporting.

受影響套件(1)

• npm/openclawfrom 0, < 2026.3.31

CVSS 分數

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-41392
• PATCHhttps://github.com/openclaw/openclaw
• WEBhttps://github.com/openclaw/openclaw/commit/0c8375424620e12777ef24c162eedc7e9fcfd7e3
• WEBhttps://github.com/openclaw/openclaw/security/advisories/GHSA-wpc6-37g7-8q4w
• WEBhttps://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-shell-init-file-options