CVE-2026-32044 in OpenClaw
Summary
by MITRE • 03/21/2026
OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing local denial of service during skill installation.
Analysis
by VulDB Data Team • 03/27/2026
CVE-2026-32044 affects OpenClaw versions earlier than 2026.3.2 and is an archive extraction flaw confined to the tar.bz2 installer path. Its root cause is inconsistent security controls across the archive formats the skill installation framework accepts: the safety checks that are enforced on other archive formats are not applied when a tar.bz2 archive is processed. That gap is what a crafted archive exploits.
Technically, the vulnerability involves tar.bz2 archives whose structure sidesteps two protections: the blocking of special entries and the limit on total extracted size. When OpenClaw processes such an archive, it does not apply the validation that would normally refuse potentially harmful entries or enforce size limits. An attacker can therefore build a skill archive containing specially formatted entries that evade these mechanisms. The weakness is specific to skill installation, where the extraction logic fails to validate archive contents against the established safety parameters.
The operational impact is a reliable local denial of service during legitimate skill installation. When a malicious tar.bz2 archive is processed, the missing size guardrails and special-entry blocking cause the installation process to hang or fail outright. This affects authorized users trying to install legitimate skills and gives an attacker a dependable way to disrupt normal operation. Because the condition recurs on every installation attempt, once a malicious archive has been encountered the system stays in that state until the affected installation process is manually interrupted or the system is rebooted.
Mitigation requires prompt upgrading to OpenClaw 2026.3.2 or later, which contains the corrected archive handling logic. The fix resolves the core issue by enforcing the same safety checks across all supported archive formats, including tar.bz2, which removes the bypass. Security administrators should monitor installation activity for unusual archive processing patterns that might indicate exploitation attempts. Organizations should also consider additional verification of skill archives before installation, such as hash validation and sandboxed extraction environments that contain malicious activity while keeping the system stable. This vulnerability aligns with CWE-470, which addresses the use of insecure functions in software, and represents a specific implementation gap in the software's security controls that can be closed through proper input validation and consistent security enforcement across every supported file format.
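The two guardrails the analysis names (special-entry blocking and an extracted-size ceiling) and the fix it describes (one policy for every archive format) can be shown in a small installer-side checker. The following Python is an added example written for this page, not OpenClaw's code: it builds the same constructed skill archive as tar.bz2 and tar.gz, runs both through a single audit function that uses tarfile's format auto-detection so no compression variant can get its own rule set, and only writes regular files that passed. The 64 KiB size budget, the member names and the `skill/` layout are assumptions chosen for the demonstration.

```python
import io
import os
import tarfile
import tempfile

# Assumed policy value for the example (not taken from the advisory):
# cumulative size that one skill archive may occupy after extraction.
MAX_TOTAL_BYTES = 64 * 1024

# Entry types a skill archive legitimately needs; anything else is a special entry.
ALLOWED_TYPES = {tarfile.REGTYPE, tarfile.AREGTYPE, tarfile.DIRTYPE}


class ArchivePolicyError(Exception):
    """Raised when an archive violates the installer's entry or size policy."""


def build_archive(compression, hostile=True):
    """Construct a sample skill archive in memory (constructed test data, not a real skill).

    compression is "bz2" or "gz"; the member list is identical, so the two archives
    differ only in the compression layer. With hostile=True the archive also carries
    a symlink, a character device and a member larger than the size budget.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:" + compression) as tf:
        data = b"name: demo\n"
        info = tarfile.TarInfo("skill/SKILL.md")
        info.size = len(data)
        tf.addfile(info, io.BytesIO(data))
        if hostile:
            link = tarfile.TarInfo("skill/escape")          # symlink pointing outside the tree
            link.type = tarfile.SYMTYPE
            link.linkname = "/etc/passwd"
            tf.addfile(link)
            dev = tarfile.TarInfo("skill/null")             # character device node
            dev.type = tarfile.CHRTYPE
            dev.devmajor, dev.devminor = 1, 3
            tf.addfile(dev)
            blob = b"\0" * (100 * 1024)                      # tiny compressed, 100 KiB inflated
            binfo = tarfile.TarInfo("skill/blob.bin")
            binfo.size = len(blob)
            tf.addfile(binfo, io.BytesIO(blob))
    return buf.getvalue()


def audit_archive(archive_bytes, max_total=MAX_TOTAL_BYTES):
    """Walk every member and apply one policy, whatever the compression.

    mode "r:*" makes tarfile auto-detect gz/bz2/xz, so the bz2 path cannot end up
    with a different rule set than the others. Returns accepted names, (name, reason)
    pairs for rejected members, and the cumulative size regular files would occupy.
    """
    accepted, rejected, total = [], [], 0
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tf:
        for m in tf:
            name = os.path.normpath(m.name)
            if os.path.isabs(m.name) or name == ".." or name.startswith(".." + os.sep):
                rejected.append((m.name, "path escapes destination"))
                continue
            if m.type not in ALLOWED_TYPES:
                rejected.append((m.name, "special entry type %r blocked" % m.type))
                continue
            if m.isfile():
                total += m.size
                if total > max_total:
                    rejected.append((m.name, "extracted-size budget exceeded"))
                    continue
            accepted.append(name)
    return {"accepted": accepted, "rejected": rejected, "total_bytes": total}


def extract_safely(archive_bytes, dest, max_total=MAX_TOTAL_BYTES):
    """Refuse the whole archive if any member fails policy; otherwise write only
    regular files and directories with our own writer, restoring no links, devices,
    modes or ownership."""
    report = audit_archive(archive_bytes, max_total)
    if report["rejected"]:
        name, reason = report["rejected"][0]
        raise ArchivePolicyError("%s: %s" % (name, reason))
    written = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tf:
        for m in tf:
            rel = os.path.normpath(m.name)
            target = os.path.join(dest, rel)
            if m.isdir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as out:
                out.write(tf.extractfile(m).read())
            written.append(rel)
    return written


def demo():
    """Audit the hostile archive under both compressions, then install the clean one."""
    reports = {c: audit_archive(build_archive(c)) for c in ("bz2", "gz")}
    dest = tempfile.mkdtemp(prefix="skill-")
    written = extract_safely(build_archive("bz2", hostile=False), dest)
    with open(os.path.join(dest, "skill", "SKILL.md"), "rb") as f:
        content = f.read()
    return reports, written, content


if __name__ == "__main__":
    reports, written, content = demo()
    for comp, rep in reports.items():
        print(comp, "rejected:", rep["rejected"], "total:", rep["total_bytes"])
    print("clean install wrote:", written, content)
```

The audit records every violation rather than stopping at the first, which is what a detection pipeline wants when logging why an archive was refused, while `extract_safely` is all-or-nothing so a partially installed skill never reaches disk. Because `audit_archive` never branches on the compression type, the bz2 and gz reports for the same member list are identical, which is the property the 2026.3.2 fix restores.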