Tag
npm PraisonAI utility-tools.shell() Allowlist Bypass via Shell Chaining (GHSA-5jv7-2mjm-h6qj)
2 rules, 1 TTP
The npm package `praisonai` versions 1.5.1 through 1.7.1 contains a command injection vulnerability (GHSA-5jv7-2mjm-h6qj) in its `utility-tools.shell()` helper, which allows attackers to bypass a 'safe read-only' command allowlist by appending arbitrary shell commands with metacharacters after an allowed command, leading to arbitrary code execution with the PraisonAI process privileges.
OpenClaw Heredoc Shell Expansion Bypass (CVE-2026-44115)
2 rules, 1 TTP, 1 CVE
OpenClaw before 2026.4.22 is vulnerable to shell expansion in unquoted heredoc bodies, allowing attackers to bypass exec allowlist validation and execute unauthorized commands.
OpenClaw Exec Allowlist Bypass Vulnerability (CVE-2026-41390)
2 rules, 2 TTPs, 1 CVE
OpenClaw before version 2026.3.28 contains an exec allowlist bypass vulnerability (CVE-2026-41390) that allows attackers to persist trust for wrapper binaries like /usr/bin/script to execute different underlying programs, potentially leading to privilege escalation.
OpenClaw Microsoft Teams Plugin Sender Allowlist Bypass (CVE-2026-34506)
2 rules, 2 TTPs, 1 CVE
OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in its Microsoft Teams plugin, allowing unauthorized senders to bypass intended authorization checks due to improper handling of empty groupAllowFrom parameters, potentially leading to information disclosure.
OpenClaw Exec Allowlist Bypass via POSIX Path Overmatching (CVE-2026-32973)
2 rules, 1 TTP
OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability (CVE-2026-32973) due to improper normalization of patterns, allowing attackers to execute unintended commands via wildcard matching in POSIX paths.