CVE-2026-32015

7.0 HIGH

Published: March 19, 2026 Modified: March 19, 2026

Description

OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a path hijacking vulnerability in tools.exec.safeBins that allows attackers to bypass allowlist checks by controlling process PATH resolution. Attackers who can influence the gateway process PATH or launch environment can execute trojan binaries with allowlisted names, such as jq, circumventing executable validation controls.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://github.com/openclaw/openclaw/commit/28bac46c92069dc728524fbf383024c1b64e5c23

Source: disclosure@vulncheck.com

https://github.com/openclaw/openclaw/security/advisories/GHSA-g75x-8qqm-2vxp

Source: disclosure@vulncheck.com

https://www.vulncheck.com/advisories/openclaw-path-hijacking-bypass-in-tools-exec-safebins-allowlist-validation

Source: disclosure@vulncheck.com

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.0 / 10.0

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-426

Related CVEs

CVE-2026-4478 8.1

CVE-2026-4477 3.1

CVE-2026-4476 6.3

CVE-2026-4475 8.8

CVE-2026-4474 2.4