CVE-2026-32048 in OpenClawالمعلومات

الملخص

بحسب MITRE • 21/03/2026

OpenClaw versions prior to 2026.3.1 fail to enforce sandbox inheritance during cross-agent sessions_spawn operations, allowing sandboxed sessions to create child processes under unsandboxed agents. An attacker with a sandboxed session can exploit this to spawn child runtimes with sandbox.mode set to off, bypassing runtime confinement restrictions.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

10/03/2026

إفشاء

21/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-352160

CPE

جاهز

CWE

CWE-732 (مؤكد)

CVSS

9.9 (NVD)

EPSS

0.00022

KEV

لا

النشاطات

منخفض

القطاع

Police, Pharma, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32048
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32048
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32048/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!