# One Safe Command. Unlimited RCE. - Date: 2026-03-30 - Category: Agentics OpenClaw v2026.3.28, released March 28 and labeled a Tokyo pre-ClawCon drop, adds an async requireApproval mechanism to before_tool_call plugin hooks — a direct response to CVE-2026-29607, a medium-severity approval bypass that let attackers execute arbitrary code after duping users into approvin... ---