CVE-2026-43530
HIGH WAF: Low
CVSS 8.8
Published: 2026-05-05
CWE-863
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weaken risk classification of unsafe applet invocations.
WAF Coverage Analysis
Incorrect Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| openclaw | openclaw | 2026.2.23 - 2026.4.12 |
References
- github.com (Patch)
- github.com (Vendor Advisory)
- www.vulncheck.com (Third Party Advisory)