CVE-2026-27545: OpenClaw: Node system.run approval bypass via parent-symlink cwd rebind
For host=node executions, the approval context could be bypassed after approval time by rebinding a writable parent symlink in cwd while preserving the visible cwd string.
References
- github.com/advisories/GHSA-f7ww-2725-qvw2
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/4b4718c8dfce2e2c48404aa5088af7c013bed60b
- github.com/openclaw/openclaw/commit/4e690e09c746408b5e27617a20cb3fdc5190dbda
- github.com/openclaw/openclaw/commit/78a7ff2d50fb3bcef351571cb5a0f21430a340c1
- github.com/openclaw/openclaw/commit/d06632ba45a8482192792c55d5ff0b2e21abb0a7
- github.com/openclaw/openclaw/commit/d82c042b09727a6148f3ca651b254c4a677aff26
- github.com/openclaw/openclaw/security/advisories/GHSA-f7ww-2725-qvw2
- nvd.nist.gov/vuln/detail/CVE-2026-27545