CVE-2026-32040 in OpenClaw
Summary
by MITRE • 03/20/2026
OpenClaw versions prior to 2026.2.23 contain an HTML injection vulnerability in the HTML session exporter that allows attackers to execute arbitrary JavaScript by injecting malicious mimeType values in image content blocks. Attackers can craft session entries with specially crafted mimeType attributes that break out of the img src data-URL context to achieve cross-site scripting when the exported HTML is opened.
Analysis
by VulDB Data Team • 03/25/2026
The vulnerability identified as CVE-2026-32040 affects OpenClaw versions prior to 2026.2.23 and represents a critical HTML injection flaw within the HTML session exporter component. This vulnerability stems from insufficient input validation and sanitization of mimeType attributes within image content blocks, creating a pathway for malicious actors to manipulate the export functionality. The flaw specifically targets the data-URL context used in img src attributes, where attackers can inject malicious JavaScript code through crafted mimeType values that break out of the intended execution context. This type of vulnerability falls under the CWE-79 category of Cross-Site Scripting, specifically manifesting as a reflected XSS variant that occurs during the HTML export process rather than through direct user input.
The technical implementation of this vulnerability exploits the improper handling of data-URL schemes within the HTML session exporter's image processing logic. When session entries contain specially crafted mimeType attributes, the exporter fails to properly sanitize or validate these values before incorporating them into the generated HTML output. The malicious mimeType values can contain JavaScript code that executes when the exported HTML document is opened in a web browser, effectively allowing attackers to execute arbitrary code in the context of the victim's session. This attack vector leverages the inherent trust users place in exported session data, as the malicious content is embedded within what appears to be legitimate session information.
The operational impact of this vulnerability extends beyond simple code execution, as it can enable attackers to perform a wide range of malicious activities including session hijacking, data exfiltration, and privilege escalation within the affected system. When victims open the maliciously crafted HTML export files, the injected JavaScript code can access the user's session cookies, potentially allowing attackers to impersonate legitimate users and gain unauthorized access to sensitive information. The vulnerability also aligns with ATT&CK technique T1059.007 for Command and Scripting Interpreter: JavaScript, as the attack specifically leverages JavaScript execution within web browsers. Additionally, the attack chain involves T1566 for Phishing and T1203 for Exploitation for Client Execution, as the vulnerability requires user interaction through opening the exported HTML file.
Organizations using affected OpenClaw versions should implement immediate mitigations including upgrading to version 2026.2.23 or later, which contains the necessary patches to sanitize mimeType attributes during HTML export operations. Network administrators should also consider implementing web application firewalls and content filtering solutions to detect and block suspicious data-URL patterns. The remediation process should include thorough testing of the updated system to ensure that the patch does not introduce regressions in legitimate export functionality. Security teams should also conduct comprehensive audits of session export features across all affected systems and implement monitoring for unusual export activities that might indicate exploitation attempts. Regular security assessments should be performed to identify similar vulnerabilities in other components that handle user-provided data in HTML generation contexts, as this represents a common attack pattern in web applications where user input is not properly sanitized before being rendered in browser contexts.
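The attribute breakout described in the analysis above, and the sanitization the fixed version is said to apply, illustrated as an added example that is not OpenClaw's own code: an image-block exporter written the vulnerable way next to a hardened one, plus a heuristic audit for exports produced before the fix. The block shape {type, mimeType, data}, the function names and the sample entries are assumptions constructed for this example.

```javascript
// Added example (not OpenClaw's code). Block shape and names are assumptions.
const ALLOWED_IMAGE_MIME = new Set(["image/png", "image/jpeg", "image/gif", "image/webp"]);
// A well-formed MIME token: type/subtype built from RFC 2045 token characters,
// so no quotes, spaces, '<' or '>' can appear.
const MIME_RE = /^[a-z0-9][a-z0-9!#$&^_.+-]{0,126}\/[a-z0-9][a-z0-9!#$&^_.+-]{0,126}$/;
const BASE64_RE = /^[A-Za-z0-9+/]*={0,2}$/;
const SAFE_SRC_RE = /^data:image\/(?:png|jpeg|gif|webp);base64,[A-Za-z0-9+/]*={0,2}$/;

function escapeHtmlAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: mimeType is interpolated verbatim into the src attribute,
// so a value containing '"' leaves the data: URL and lands in tag context.
function exportImageUnsafe(block) {
  return `<img src="data:${block.mimeType};base64,${block.data}">`;
}

// Hardened pattern: allowlist the MIME type, check the payload is base64, escape on output.
// image/svg+xml is deliberately absent from the allowlist because SVG can carry script.
function exportImageSafe(block) {
  const mime = String(block.mimeType ?? "").trim().toLowerCase();
  if (!MIME_RE.test(mime) || !ALLOWED_IMAGE_MIME.has(mime)) {
    throw new Error("rejected image block: mimeType not in allowlist");
  }
  const data = String(block.data ?? "");
  if (!BASE64_RE.test(data)) throw new Error("rejected image block: data is not base64");
  return `<img src="${escapeHtmlAttr(`data:${mime};base64,${data}`)}">`;
}

// Heuristic audit for existing exports: return every <img src="..."> value that is not a
// plain base64 image data: URL. Regex scanning is not an HTML parser, so treat hits as
// leads to inspect rather than proof of exploitation.
function auditExport(html) {
  const hits = [];
  for (const m of html.matchAll(/<img\b[^>]*?\bsrc\s*=\s*"([^"]*)"/gi)) {
    if (!SAFE_SRC_RE.test(m[1])) hits.push(m[1]);
  }
  return hits;
}

// Constructed sample entries (not real session data).
const benignBlock = { type: "image", mimeType: "image/png", data: "iVBORw0KGgo=" };
const craftedBlock = { type: "image", mimeType: 'image/png" data-injected="', data: "AAAA" };
```

Running the two exporters over craftedBlock shows the difference: the unsafe one emits an extra attribute, the safe one rejects the entry, and auditExport flags the unsafe output.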