CVE-2026-32979
Severity: HIGH
OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval
Title source: cna
Description
OpenClaw before 2026.3.11 contains an approval integrity vulnerability: when an approval cannot be bound to an exact file, an attacker can modify the approved local script between approval and execution, so the rewritten code is what actually runs. Remote attackers can change approved local scripts before execution to achieve unintended code execution as the OpenClaw runtime user.
References (2)
Core References
Third Party Advisory
GitHub Security Advisory (GHSA-xf99-j42q-5w5p)
https://github.com/openclaw/openclaw/security/advisories/GHSA-xf99-j42q-5w5p
Third Party Advisory
VulnCheck Advisory: OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval
https://www.vulncheck.com/advisories/openclaw-unbound-interpreter-and-runtime-commands-bypass-in-node-host-approval
Scores
CVSS v3
7.3
EPSS
0.0005
EPSS Percentile
15.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-367
Status
published
Products (4)
npm/openclaw
0 - 2026.3.11 (npm)
OpenClaw/OpenClaw
< 2026.3.11
openclaw/openclaw
< 2026.3.11
OpenClaw/OpenClaw
2026.3.11
Published
Mar 29, 2026
Tracked Since
Mar 29, 2026