Platform: nodejs
Component: openclaw
Fixed in: 2026.3.11
CVE-2026-33573 describes an authorization bypass vulnerability found in OpenClaw versions prior to 2026.3.11. This flaw allows authenticated operators with operator.write permission to manipulate workspace boundaries, potentially leading to unauthorized access and execution of commands. The vulnerability was publicly disclosed on March 29, 2026, and a fix is available in version 2026.3.11.
The core of this vulnerability lies in the gateway agent RPC handling within OpenClaw. An authenticated operator holding the operator.write permission can craft requests that override the expected spawnedBy and workspaceDir values. By controlling these parameters, the operator can escape the intended workspace boundary. This escape grants the ability to execute arbitrary file and exec operations from any directory accessible to the process, significantly expanding the attack surface. The impact is particularly severe in environments where OpenClaw is used for sensitive data processing or automation, as an attacker could gain control over the system and potentially exfiltrate data or compromise other services.
CVE-2026-33573 is currently not listed on the CISA KEV catalog. Public proof-of-concept (PoC) code is not yet available, but the vulnerability's nature suggests a moderate probability of exploitation (medium EPSS score) once a PoC is released. The published date indicates a relatively recent discovery, and active campaigns are not currently confirmed, but the potential for remote code execution warrants close monitoring.
Exploit Status
EPSS: 0.05% (16th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-33573 is to immediately upgrade OpenClaw to version 2026.3.11 or later. Prior to upgrading, assess the potential impact on existing workflows and consider a staged rollout to minimize disruption. If an immediate upgrade is not feasible, restrict operator permissions to the minimum necessary level, carefully reviewing and auditing existing permission configurations. Implement strict workspace boundary controls and monitor gateway agent RPC calls for suspicious activity. Consider implementing a Web Application Firewall (WAF) to filter malicious requests targeting the RPC endpoint, although this is not a substitute for patching.
Update OpenClaw to version 2026.3.11 or later. This version fixes the authorization bypass in the gateway agent RPC, preventing operators from escaping workspace boundaries. The update stops arbitrary file and exec operations from being run in process-accessible directories outside the workspace.
CVE-2026-33573 is a HIGH severity vulnerability in OpenClaw versions 0–2026.3.11 that allows authenticated operators to bypass workspace boundaries and execute arbitrary commands.
If you are running OpenClaw versions 0–2026.3.11 and have operators with operator.write permissions, you are potentially affected by this vulnerability.
Upgrade OpenClaw to version 2026.3.11 or later. Prior to upgrading, assess the impact and consider a staged rollout.
Active exploitation is not currently confirmed, but the vulnerability's potential for remote code execution warrants close monitoring.
Refer to the official OpenClaw security advisory for detailed information and updates: [Replace with actual advisory URL when available]