Tag

Heredoc

1 brief RSS

OpenClaw Heredoc Shell Expansion Bypass (CVE-2026-44115)

OpenClaw before 2026.4.22 is vulnerable to shell expansion in unquoted heredoc bodies, allowing attackers to bypass exec allowlist validation and execute unauthorized commands.

OpenClaw cve-2026-44115 shell-expansion heredoc allowlist-bypass incomplete-list-of-disallowed-inputs

2r 1t 1c 1h ago