Platform: nodejs
Component: openclaw
Fixed in: 2026.3.13
CVE-2026-32917 describes a critical command injection vulnerability discovered in OpenClaw versions prior to 2026.3.13. This flaw allows attackers to execute arbitrary commands on configured remote hosts, potentially leading to complete system compromise. The vulnerability stems from insufficient validation of remote attachment paths, enabling malicious code execution when remote attachment staging is enabled. A patch is available in version 2026.3.13.
The impact of CVE-2026-32917 is severe. An attacker exploiting this vulnerability can gain remote code execution (RCE) on the target system. This means they can execute arbitrary commands with the privileges of the OpenClaw process, potentially leading to data theft, system takeover, and lateral movement within the network. The ability to execute commands remotely makes this particularly dangerous, as an attacker could leverage the compromised system to launch further attacks against other systems. The vulnerability's reliance on remote attachment staging means systems with this feature enabled are at significantly higher risk. Successful exploitation could resemble a traditional SSH compromise, but with the added complexity of the OpenClaw attachment processing pipeline.
CVE-2026-32917 was publicly disclosed on 2026-03-31. Its CRITICAL CVSS score indicates a high probability of exploitation. As of this writing, there are no publicly available proof-of-concept exploits, but the ease of exploitation (command injection via file paths) suggests that one is likely to emerge. It is not currently listed on the CISA KEV catalog. Active campaigns are not yet confirmed, but the vulnerability's severity warrants immediate attention.
Exploit Status
EPSS: 0.59% (69th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2026-32917 is to immediately upgrade OpenClaw to version 2026.3.13 or later. If upgrading is not immediately feasible, disabling remote attachment staging is a critical temporary workaround. This will prevent the vulnerable attachment processing flow from being triggered. Consider implementing strict input validation and sanitization on all user-supplied data, particularly file paths, as a general security best practice. While a specific WAF rule is unlikely to be effective without detailed knowledge of OpenClaw's internal workings, monitoring network traffic for suspicious SCP connections originating from the OpenClaw process could provide an early warning sign of exploitation. After upgrading, confirm the fix by attempting to stage a malicious attachment containing shell metacharacters and verifying that the command execution is blocked.
Update OpenClaw to version 2026.3.13 or later. This corrects the remote command injection vulnerability by properly validating iMessage attachment paths before passing them to SCP.
CVE-2026-32917 is a critical vulnerability in all OpenClaw versions prior to 2026.3.13 that allows attackers to execute commands on configured remote hosts via unsanitized attachment paths. This is a remote code execution (RCE) vulnerability.
You are affected if you are running any OpenClaw version prior to 2026.3.13 and have remote attachment staging enabled. Check your OpenClaw version immediately.
Upgrade OpenClaw to version 2026.3.13 or later. As a temporary workaround, disable remote attachment staging.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest it is likely to be targeted. Monitor your systems closely.
Refer to the official OpenClaw security advisory for detailed information and updates regarding CVE-2026-32917. The advisory is available on the OpenClaw website.