CVE-2026-32971 · HIGH 8.0 · EPSS p18.8%

Description

OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-host system.run approvals that displays extracted shell payloads instead of the executed argv. Attackers can place wrapper binaries and induce wrapper-shaped commands to execute local code after operators approve misleading command text.

Scoring

CVSS 3.1: 8.0 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.27% probability of exploitation · percentile 18.8% · 2026-06-19T12:03:05Z
Published: 2026-03-31
Last modified: 2026-04-02

Underlying weaknesses · 1

CWE-451

References

  1. https://github.com/openclaw/openclaw/security/advisories/GHSA-rw39-5899-8mxp
  2. https://www.vulncheck.com/advisories/openclaw-node-host-approval-ui-mismatch-allows-execution-of-unintended-commands

Type | Target | Confidence | Tier
Weakness | User Interface (UI) Misrepresentation of Critical Information, cwe-451 | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-28466
CVE: CVE-2026-32052
CVE: CVE-2026-22168
CVE: CVE-2026-31992
CVE: CVE-2026-27566
CVE: CVE-2026-35666

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.