cbcvebase.
CVE-2026-32052
published 2026-03-21

Priority: P2 (66)
CVSS 3.1: 9.8 critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.91% (55.5th percentile)
OpenClaw versions prior to 2026.2.24 contain a command injection vulnerability in the system.run shell-wrapper that allows attackers to execute hidden commands by injecting positional argv carriers after inline shell payloads. Attackers can craft misleading approval text while executing arbitrary commands through trailing positional arguments that bypass display context validation.

Affected (2 ranges)

Vendor      Product     Version range          Fixed in
openclaw    openclaw    < 2026.2.24            2026.2.24
openclaw    openclaw    >= 0, < 2026.2.24      2026.2.24

Detection & IOCs (extracted from sources)

  • Look for command injection attempts in the system.run shell-wrapper of OpenClaw, specifically trailing positional arguments appended after inline shell payloads that may hide arbitrary commands from display context validation.
  • Monitor invocations of the OpenClaw (formerly Moltbot or Clawdbot) `system.run` shell-wrapper for unexpected or anomalous positional arguments following the primary command string.
  • Only OpenClaw versions prior to 2026.2.24 are vulnerable; versions 2026.2.24 and later contain the fix. The package is also known under former names Moltbot and Clawdbot.
  • Fix availability varies by package manager: npm fix was added 2026-03-31, while Homebrew and MinimOS fixes were added earlier on 2026-03-24.
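The monitoring idea in the bullets above, turned into a small heuristic detector. This is an added example, not OpenClaw's code and not taken from the page's sources. It assumes two things the page does not state: that `system.run` invocations are available as JSON-lines records with `command` (the inline text shown for approval) and `args` (positional arguments appended after it) fields, and that the wrapper hands the inline text to a POSIX shell the way `sh -c` does, so trailing arguments become `$0`, `$1`, ... inside that text. The log lines are constructed for the example.

```python
"""Heuristic detector for trailing positional arguments after an inline
shell command, the pattern described for CVE-2026-32052.

Added example; not OpenClaw's code. Assumed (not from the page):
  - records are JSON lines with "ts", "command" and "args" fields;
  - the wrapper behaves like `sh -c CMD ARG0 ARG1 ...`, so trailing args
    become positional parameters visible to CMD.
"""
import json
import re

# References to positional parameters inside the inline text: $0-$9, ${10}, $@, $*, $#.
POSITIONAL_REF = re.compile(r"\$(?:[0-9]|\{[0-9]+\}|@|\*|#)")
# Control operators and substitutions that run a second command after the visible one.
CONTROL_OP = re.compile(r"(?:;|&&|\|\||\||`|\$\()")

LEVELS = {"none": 0, "low": 1, "high": 2}

# Constructed sample log in the assumed format (three invocations).
SAMPLE_LOG = """
{"ts": "2026-01-01T10:00:01Z", "tool": "system.run", "command": "git status", "args": []}
{"ts": "2026-01-01T10:00:07Z", "tool": "system.run", "command": "ls -la", "args": ["/tmp"]}
{"ts": "2026-01-01T10:00:15Z", "tool": "system.run", "command": "echo deploying; $1", "args": ["sh", "uname -a"]}
"""


def classify_invocation(command, args):
    """Return {"level": "none" | "low" | "high", "reasons": [...]} for one call.

    Any trailing argument is a weak signal on its own (a plain command has no
    use for it); it becomes a strong signal when the inline text can consume it
    via a positional parameter or chains a second command behind the visible one.
    """
    reasons = []
    level = "none"
    if args:
        level = "low"
        reasons.append("trailing positional arguments present after the inline command")
        if POSITIONAL_REF.search(command):
            level = "high"
            reasons.append("inline command expands positional parameters")
        if CONTROL_OP.search(command):
            level = "high"
            reasons.append("inline command chains a second command via a control operator")
    return {"level": level, "reasons": reasons}


def scan_log(lines, min_level="high"):
    """Parse JSON-lines records and return those at or above min_level."""
    flagged = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # not a record in the assumed format; skip it
        command = rec.get("command", "")
        args = rec.get("args") or []
        verdict = classify_invocation(command, args)
        if LEVELS[verdict["level"]] >= LEVELS[min_level]:
            flagged.append({"ts": rec.get("ts"), "command": command, "args": args, **verdict})
    return flagged


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG.splitlines(), min_level="low"):
        print(hit["level"], hit["ts"], repr(hit["command"]), hit["args"], "|", "; ".join(hit["reasons"]))
```

Run over the constructed log, the default `min_level="high"` reports only the third record, whose approval text (`echo deploying`) says nothing about the `uname -a` carried in `$1`; lowering the threshold to `"low"` also surfaces the `ls -la /tmp` call, where the trailing argument is merely unused. Tune the threshold to the noise level of your own `system.run` traffic, and treat the regexes as a starting point rather than a complete shell parser.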

CVSS provenance

NVD, CVSS v3.1: 9.8 CRITICAL, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v4.0: 5.8 MEDIUM, vector CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X