CVE-2026-32058
LOWOpenClaw < 2026.2.26 - Approval Context-Binding Weakness in system.run via host=node
Title source: cnaDescription
OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval with changed env input, bypassing execution-integrity controls in approval-enabled workflows.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
GitHub Security Advisory (GHSA-hjvp-qhm6-wrh2)
https://github.com/openclaw/openclaw/security/advisories/GHSA-hjvp-qhm6-wrh2
Patch patch
Patch Commit
https://github.com/openclaw/openclaw/commit/10481097f8e6dd0346db9be0b5f27570e1bdfcfa
Third Party Advisory third-party-advisory
VulnCheck Advisory: OpenClaw < 2026.2.26 - Approval Context-Binding Weakness in system.run via host=node
https://www.vulncheck.com/advisories/openclaw-approval-context-binding-weakness-in-system-run-via-host-node
Scores
CVSS v3
2.6
EPSS
0.0019
EPSS Percentile
8.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-863
Status
published
Products (4)
npm/openclaw
0 - 2026.2.26npm
OpenClaw/OpenClaw
< 2026.2.26
openclaw/openclaw
< 2026.2.26
OpenClaw/OpenClaw
2026.2.26
Published
Mar 21, 2026
Tracked Since
Mar 21, 2026