Vulnerability DatabaseCVE-2026-32009
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-32009
March 19, 2026
OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these trusted directories can place a malicious binary with the same name as an allowed executable to achieve arbitrary command execution within the OpenClaw runtime context.
Affected Packages
openclaw (NPM):
Affected version(s) >=0.0.1 <2026.2.24
Fix Suggestion:
Update to version 2026.2.24
Related ResourcesĀ (4)
https://github.com/openclaw/openclaw
https://github.com/openclaw/openclaw/security/advisories/GHSA-5gj7-jf77-q2q2
https://github.com/openclaw/openclaw/commit/b67e600bff696ff2ed9b470826590c0ce6b3bb0a
https://www.vulncheck.com/advisories/openclaw-binary-hijacking-via-static-default-trusted-directories-in-safebins
Do you need more information?
Contact Us
CVSS v4
Base Score:
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Attack Requirements
PRESENT
Privileges Required
HIGH
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH
Weakness Type (CWE)
Inclusion of Functionality from Untrusted Control Sphere
CWE-829
Unquoted Search Path or Element
CWE-428
Untrusted Search Path
CWE-426
EPSS
Base Score:
0.01