CVE-2026-32056

EPSS 0.14%
Veröffentlicht 21.03.2026 00:42:27
Zuletzt bearbeitet 23.03.2026 18:59:59
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

OpenClaw versions prior to 2026.2.22 fail to sanitize shell startup environment variables HOME and ZDOTDIR in the system.run function, allowing attackers to bypass command allowlist protections. Remote attackers can inject malicious startup files such as .bash_profile or .zshenv to achieve arbitrary code execution before allowlist-evaluated commands are executed.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

OpenClaw ≫ OpenClaw SwPlatformnode.js Version < 2026.2.22

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.14%	0.344

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	7.7	0	0	CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

https://github.com/openclaw/openclaw/security/advisories/GHSA-xgf2-vxv2-rrmg

Vendor Advisory

https://github.com/openclaw/openclaw/commit/c2c7114ed39a547ab6276e1e933029b9530ee906

Patch

https://www.vulncheck.com/advisories/openclaw-remote-code-execution-via-shell-startup-environment-variable-injection-in-system-run

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-32056

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-32056

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-32056

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-32056