Tag
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution, allowing attackers to obscure which applet would run, bypass exec approval mechanisms, and weaken risk classification of unsafe applet invocations.