CVE-2026-27002

EPSS 0.48%
Veröffentlicht 19.02.2026 23:12:17
Zuletzt bearbeitet 20.02.2026 18:11:24
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

OpenClaw: Docker container escape via unvalidated bind mount config injection

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 blocks dangerous sandbox Docker settings and includes runtime enforcement when building `docker create` args; config-schema validation for `network=host`, `seccompProfile=unconfined`, `apparmorProfile=unconfined`; and security audit findings to surface dangerous sandbox docker config. As a workaround, do not configure `agents.*.sandbox.docker.binds` to mount system directories or Docker socket paths, keep `agents.*.sandbox.docker.network` at `none` (default) or `bridge`, and do not use `unconfined` for seccomp/AppArmor profiles.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

OpenClaw ≫ OpenClaw SwPlatformnode.js Version < 2026.2.15

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.48%	0.375

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security-advisories@github.com	7.7	0	0	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-250 Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

https://github.com/openclaw/openclaw/releases/tag/v2026.2.15

Product

Release Notes

https://github.com/openclaw/openclaw/security/advisories/GHSA-w235-x559-36mg

Patch

Vendor Advisory

Mitigation

https://github.com/openclaw/openclaw/commit/887b209db47f1f9322fead241a1c0b043fd38339

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-27002

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-27002

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-27002

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-27002