CVE-2026-27545

EPSS 0.1%
Veröffentlicht 18.03.2026 02:16:23
Zuletzt bearbeitet 18.03.2026 19:51:34
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

OpenClaw < 2026.2.26 - Approval Bypass via Parent Symlink Current Working Directory Rebind

OpenClaw versions prior to 2026.2.26 contain an approval bypass vulnerability in system.run execution that allows attackers to execute commands from unintended filesystem locations by rebinding writable parent symlinks in the current working directory after approval. An attacker can modify mutable parent symlink path components between approval and execution time to redirect command execution to a different location while preserving the visible working directory string.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 10

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

OpenClaw ≫ OpenClaw SwPlatformnode.js Version < 2026.2.26

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.008

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	1	3.6	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
disclosure@vulncheck.com	6.9	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	6.1	1.8	4.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

https://github.com/openclaw/openclaw/commit/4b4718c8dfce2e2c48404aa5088af7c013bed60b

Patch

https://github.com/openclaw/openclaw/commit/4e690e09c746408b5e27617a20cb3fdc5190dbda

Patch

https://github.com/openclaw/openclaw/commit/78a7ff2d50fb3bcef351571cb5a0f21430a340c1

Patch

https://github.com/openclaw/openclaw/commit/d06632ba45a8482192792c55d5ff0b2e21abb0a7

Patch

https://github.com/openclaw/openclaw/commit/d82c042b09727a6148f3ca651b254c4a677aff26

Patch

https://github.com/openclaw/openclaw/security/advisories/GHSA-f7ww-2725-qvw2

Vendor Advisory

https://www.vulncheck.com/advisories/openclaw-approval-bypass-via-parent-symlink-current-working-directory-rebind

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-27545

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-27545

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-27545

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-27545