CVE-2026-32017

OpenClaw versions prior to 2026.2.19 contain an allowlist bypass vulnerability in the exec safeBins policy that allows attackers to write arbitrary files using short-option payloads. Attackers can bypass argument validation by attaching short options like -o to whitelisted binaries, enabling unauthorized file-write operations that should be denied by safeBins checks.
Configurations

Configuration 1

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

History

25 Mar 2026, 15:16

Type | Values Removed | Values Added
CVSS | v2 : unknown, v3 : 5.9 | v2 : unknown, v3 : 7.1

24 Mar 2026, 18:54

Type | Values Removed | Values Added
Summary | | (es) OpenClaw versions prior to 2026.2.19 contain an allowlist bypass vulnerability in the exec safeBins policy that allows attackers to write arbitrary files using short-option payloads. Attackers can bypass argument validation by attaching short options such as -o to allowlisted binaries, enabling unauthorized file-write operations that should be denied by the safeBins checks.
First Time | | Openclaw openclaw; Openclaw
CPE | | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
References | https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754 | https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754 - Patch
References | https://github.com/openclaw/openclaw/commit/cfe8457a0f4aae5324daec261d3b0aad1461a4bc | https://github.com/openclaw/openclaw/commit/cfe8457a0f4aae5324daec261d3b0aad1461a4bc - Patch
References | https://github.com/openclaw/openclaw/commit/fec48a5006eab37c6a5821726ccaeec886486b13 | https://github.com/openclaw/openclaw/commit/fec48a5006eab37c6a5821726ccaeec886486b13 - Patch
References | https://github.com/openclaw/openclaw/security/advisories/GHSA-3x3x-h76w-hp98 | https://github.com/openclaw/openclaw/security/advisories/GHSA-3x3x-h76w-hp98 - Vendor Advisory
References | https://www.vulncheck.com/advisories/openclaw-arbitrary-file-write-via-short-option-bypass-in-exec-allowlist | https://www.vulncheck.com/advisories/openclaw-arbitrary-file-write-via-short-option-bypass-in-exec-allowlist - Third Party Advisory

19 Mar 2026, 22:16

Type | Values Removed | Values Added
New CVE

Information

Published : 2026-03-19 22:16

Updated : 2026-03-25 15:16


NVD link : CVE-2026-32017

Mitre link : CVE-2026-32017

CVE.ORG link : CVE-2026-32017


Products Affected

openclaw

  • openclaw
CWE
CWE-184

Incomplete List of Disallowed Inputs