js · openclawHeads-up
OpenClaw macOS Swift exec allowlist bypass via combined POSIX flags
macOS Swift exec allowlist missed combined POSIX inline flags, allowing shell content to bypass allowlist checks.
What changed
macOS Swift exec allowlist missed combined POSIX inline flags, allowing shell content to bypass allowlist checks.
Who it affects
Users of OpenClaw on macOS with the affected feature enabled and reachable.
What to do today
Apply the patch to version 2026.5.6 or later, or require approval for combined shell flag forms on macOS until patched.
The trail
Collected→
Audited→
Written→
Published