Tag

Cve-2026-32973

1 brief RSS

OpenClaw Exec Allowlist Bypass via POSIX Path Overmatching (CVE-2026-32973)

OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability (CVE-2026-32973) due to improper normalization of patterns, allowing attackers to execute unintended commands via wildcard matching in POSIX paths.

cve-2026-32973 openclaw allowlist-bypass

2r 1t Mar 29, 2026