CVE-2026-27002 · CRITICAL 9.8 · EPSS percentile 37.5%

Description

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 blocks dangerous sandbox Docker settings and includes runtime enforcement when building `docker create` args; config-schema validation for `network=host`, `seccompProfile=unconfined`, `apparmorProfile=unconfined`; and security audit findings to surface dangerous sandbox docker config. As a workaround, do not configure `agents.*.sandbox.docker.binds` to mount system directories or Docker socket paths, keep `agents.*.sandbox.docker.network` at `none` (default) or `bridge`, and do not use `unconfined` for seccomp/AppArmor profiles.
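The description lists three controls added in 2026.2.15: schema validation of `network`, `seccompProfile` and `apparmorProfile`, runtime enforcement while assembling `docker create` arguments, and audit findings that surface a dangerous sandbox config. The following TypeScript is an added illustration of those three controls written for this page; it is not OpenClaw's code and does not reproduce the fixed commit. The config key names follow the advisory (`agents.*.sandbox.docker.binds`, `.network`, `.seccompProfile`, `.apparmorProfile`); the `SandboxDockerConfig` type, the list of sensitive host directories, the choice to allowlist only `none` and `bridge` (taken from the workaround text), and the error strings are this example's assumptions. The two sample configs are constructed for the example.

```typescript
// Added illustrative example, not OpenClaw's own code. It audits the
// `agents.<name>.sandbox.docker` settings named in the advisory for the
// dangerous values it describes, and refuses to build `docker create`
// arguments from a config that fails the audit. The config type, the
// sensitive-directory list and the messages are this example's assumptions.

interface SandboxDockerConfig {
  image: string;
  binds?: string[];          // Docker -v syntax: "hostPath:containerPath[:opts]"
  network?: string;          // "none" (default) or "bridge" are the safe values
  seccompProfile?: string;   // profile path, or "unconfined" (dangerous)
  apparmorProfile?: string;  // profile name, or "unconfined" (dangerous)
}

interface Finding {
  key: string;      // dotted config path that triggered the finding
  value: string;
  reason: string;
}

// Assumption: host paths that must never be visible inside a tool sandbox.
const DOCKER_SOCKET_PATHS = new Set(["/var/run/docker.sock", "/run/docker.sock"]);
const SENSITIVE_HOST_DIRS = ["/etc", "/root", "/proc", "/sys", "/dev", "/boot",
  "/run", "/var/run", "/usr", "/bin", "/sbin", "/lib", "/lib64"];
const ALLOWED_NETWORKS = new Set(["none", "bridge"]);

// Resolve "." and ".." and duplicate slashes so "/opt/../etc" is seen as "/etc".
// Only absolute paths are handled; host-side symlinks are not resolved here.
function normalizeHostPath(p: string): string {
  const out: string[] = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return "/" + out.join("/");
}

function isSensitiveHostDir(p: string): boolean {
  if (p === "/") return true;
  return SENSITIVE_HOST_DIRS.some((dir) => p === dir || p.startsWith(dir + "/"));
}

// Audit: one finding per dangerous setting, keyed by its config path.
function auditSandboxDocker(cfg: SandboxDockerConfig, agent = "default"): Finding[] {
  const base = `agents.${agent}.sandbox.docker`;
  const findings: Finding[] = [];

  for (const bind of cfg.binds ?? []) {
    const hostPath = bind.split(":")[0];
    if (!hostPath.startsWith("/")) {
      findings.push({ key: `${base}.binds`, value: bind, reason: "bind source is not an absolute host path" });
      continue;
    }
    const p = normalizeHostPath(hostPath);
    if (DOCKER_SOCKET_PATHS.has(p)) {
      findings.push({ key: `${base}.binds`, value: bind, reason: "mounts the Docker socket (full control of the host daemon)" });
    } else if (isSensitiveHostDir(p)) {
      findings.push({ key: `${base}.binds`, value: bind, reason: `mounts system directory ${p}` });
    }
  }

  const network = cfg.network ?? "none";
  if (!ALLOWED_NETWORKS.has(network)) {
    findings.push({ key: `${base}.network`, value: network,
      reason: network === "host" ? "shares the host network namespace" : "network mode is not none or bridge" });
  }
  for (const [key, value] of [["seccompProfile", cfg.seccompProfile], ["apparmorProfile", cfg.apparmorProfile]] as const) {
    if (value !== undefined && value.trim().toLowerCase() === "unconfined") {
      findings.push({ key: `${base}.${key}`, value, reason: `disables the ${key === "seccompProfile" ? "seccomp" : "AppArmor"} confinement` });
    }
  }
  return findings;
}

// Runtime enforcement: argv for `docker create` is only ever built from a config
// that passes the audit, so a value that slipped past schema validation still
// never reaches Docker.
function buildDockerCreateArgs(cfg: SandboxDockerConfig, agent = "default"): string[] {
  const findings = auditSandboxDocker(cfg, agent);
  if (findings.length > 0) {
    throw new Error("refusing to create sandbox: " + findings.map((f) => `${f.key}=${f.value} (${f.reason})`).join("; "));
  }
  const args = ["create", "--network", cfg.network ?? "none"];
  for (const bind of cfg.binds ?? []) args.push("-v", bind);
  if (cfg.seccompProfile) args.push("--security-opt", `seccomp=${cfg.seccompProfile}`);
  if (cfg.apparmorProfile) args.push("--security-opt", `apparmor=${cfg.apparmorProfile}`);
  args.push(cfg.image);
  return args;
}

// Constructed sample configs: one hitting every class of finding, one that is safe.
const DANGEROUS_CONFIG: SandboxDockerConfig = {
  image: "openclaw-sandbox:latest",
  binds: ["/var/run/docker.sock:/var/run/docker.sock", "/opt/../etc:/host-etc:ro", "/home/alice/proj:/work"],
  network: "host",
  seccompProfile: "unconfined",
  apparmorProfile: "Unconfined",
};
const SAFE_CONFIG: SandboxDockerConfig = {
  image: "openclaw-sandbox:latest",
  binds: ["/home/alice/proj:/work:ro"],
};

console.log(auditSandboxDocker(DANGEROUS_CONFIG).map((f) => `${f.key}=${f.value}: ${f.reason}`).join("\n"));
console.log(buildDockerCreateArgs(SAFE_CONFIG).join(" "));
```

The audit and the argv builder deliberately share one check so that the schema layer and the runtime layer cannot drift apart; the traversal case (`/opt/../etc`) and the mixed-case `Unconfined` are there because a naive string comparison against `/etc` or `unconfined` would miss both.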

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.48% probability of exploitation · percentile 37.5% · scored 2026-06-19T12:03:05Z
Published: 2026-02-20
Last modified: 2026-02-20

Underlying weaknesses (1)

CWE-250: Execution with Unnecessary Privileges

References

  1. https://github.com/openclaw/openclaw/commit/887b209db47f1f9322fead241a1c0b043fd38339
  2. https://github.com/openclaw/openclaw/releases/tag/v2026.2.15
  3. https://github.com/openclaw/openclaw/security/advisories/GHSA-w235-x559-36mg

Linked entities (1)

Type      Target                                           Confidence  Tier
Weakness  Execution with Unnecessary Privileges (cwe-250)  0%          live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2026-24763
  - CVE-2026-32038
  - CVE-2026-42434
  - CVE-2026-25593
  - CVE-2026-32046
  - CVE-2026-22177

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.