CVE-2026-32921

MEDIUM EPSS 10.0%
Published Mar 31, 20263mo ago · Modified Jun 17, 20261w ago
5.3 CVSS 4.0
Medium
Find Similar
Published Mar 31, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.run where mutable script operands are not bound across approval and execution phases. Attackers can obtain approval for script execution, modify the approved script file before execution, and execute different content while maintaining the same approved command shape.

CVSS Details

Base Score
5.3
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
10.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-367

Affected Products 1

VendorProductVersionRange
openclawopenclaw* <2026.3.8

References 4

  • github.com https://github.com/openclaw/openclaw/commit/c76d29208bf6a7f058d2cf582519d28069e42240
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/cf3a479bd1204f62eef7dd82b4aa328749ae6c91
    Patch
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-8g75-q649-6pv6
    Vendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-script-content-modification-via-mutable-operand-binding-in-system-run
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/c76d29208bf6a7f058d2cf582519d28069e42240
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/cf3a479bd1204f62eef7dd82b4aa328749ae6c91
    Patch