CVE-2026-32058 in OpenClaw

Summary

by MITRE • 03/21/2026

OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval with changed env input, bypassing execution-integrity controls in approval-enabled workflows.

Analysis

by VulDB Data Team • 03/27/2026

CVE-2026-32058 is a critical security flaw in OpenClaw versions prior to 2026.2.26 that compromises the integrity of approval-based execution workflows. The weakness appears in system.run execution flows when the host parameter is set to node, creating a context-binding vulnerability that undermines the security controls designed to prevent unauthorized execution. The flaw allows previously approved requests to be reused without authorization, enabling attackers to bypass the execution-integrity checks that should prevent malicious code execution.

The vulnerability stems from insufficient validation of environment variables during the approval reuse process. When an approval id has been obtained through legitimate means, an attacker can use it to submit modified requests with altered environment variables while keeping the same approval context. The system then incorrectly validates the modified execution environment against the original approval, allowing approvals to be reused across different contexts without proper re-evaluation of the execution parameters. The vulnerability maps directly to CWE-693, which addresses protection mechanism failures, specifically in the area of approval and authentication controls.

The operational impact of this vulnerability extends beyond simple privilege escalation, creating a pathway for attackers to manipulate system execution flows in ways that can compromise entire workflows. Attackers can effectively bypass security controls designed to prevent unauthorized code execution by simply reusing valid approvals with modified environment variables, potentially leading to arbitrary code execution, data exfiltration, or system compromise. The flaw particularly affects environments where approval-enabled workflows are critical for security, such as automated deployment systems, configuration management platforms, or any system where execution integrity is paramount. This vulnerability can be exploited by attackers who gain access to a valid approval id through various means including credential theft, session hijacking, or other initial compromise techniques.

Mitigation strategies should focus on implementing proper approval context validation mechanisms that prevent the reuse of approvals across different execution environments. Organizations should ensure that environment variable changes trigger new approval requirements or comprehensive re-validation of the execution context. The recommended approach includes implementing strict approval binding that ties the approval to specific execution parameters including environment variables, host configurations, and other contextual elements. Additionally, systems should enforce time-based expiration of approvals and implement audit logging that tracks approval reuse attempts to detect potential exploitation. This vulnerability aligns with ATT&CK technique T1078.004, which covers valid accounts with compromised credentials, and T1566.002, which addresses phishing with malicious attachments, as attackers may leverage stolen approval credentials to exploit this flaw. Organizations should also consider implementing multi-factor authentication for approval systems and establishing automated monitoring for unusual approval reuse patterns to detect potential exploitation attempts.
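
The approval binding described in the mitigation paragraph above, as an added example that is not OpenClaw's code or its actual fix: the approval stores a digest of the request (host, command and environment variables) together with an expiry time, and every check is written to an audit log. The function names, the request shape and the five-minute lifetime are assumptions made for illustration.

```javascript
// Added example. grantApproval/checkApproval and the request shape are
// hypothetical names for illustration, not OpenClaw's API.
const crypto = require("node:crypto");

const APPROVAL_TTL_MS = 5 * 60 * 1000; // assumed approval lifetime
const approvalStore = new Map(); // approvalId -> { digest, expiresAt }
const auditLog = []; // stand-in for a real audit sink

// Canonical form: fixed field order and sorted env keys, so the same request
// always hashes to the same value and any changed value changes the digest.
function requestDigest({ host, command, env = {} }) {
  const sortedEnv = Object.keys(env).sort().map((k) => [k, String(env[k])]);
  const canonical = JSON.stringify([host, command, sortedEnv]);
  return crypto.createHash("sha256").update(canonical).digest();
}

// Called when a reviewer approves a request: store the digest, not just an id.
function grantApproval(request, now = Date.now()) {
  const id = crypto.randomUUID();
  approvalStore.set(id, { digest: requestDigest(request), expiresAt: now + APPROVAL_TTL_MS });
  return id;
}

// Called at execution time with the request that is about to run.
function checkApproval(id, request, now = Date.now()) {
  const entry = approvalStore.get(id);
  let reason = "ok";
  if (!entry) reason = "unknown-approval";
  else if (now > entry.expiresAt) reason = "expired";
  else if (!entry.digest.equals(requestDigest(request))) reason = "context-mismatch";
  auditLog.push({ id, reason, at: now }); // every attempt is logged, including rejects
  return { ok: reason === "ok", reason };
}

// Constructed sample: approve one request, then present the same approval id
// with the original env, a changed env, and after the lifetime has passed.
function demo(t0 = 0) {
  const approved = { host: "node", command: ["npm", "test"], env: { NODE_ENV: "test", CI: "1" } };
  const changed = { ...approved, env: { ...approved.env, NODE_ENV: "production" } };
  const id = grantApproval(approved, t0);
  return [
    checkApproval(id, approved, t0 + 1000).reason,
    checkApproval(id, changed, t0 + 2000).reason,
    checkApproval(id, approved, t0 + APPROVAL_TTL_MS + 1).reason,
  ];
}

console.log(demo()); // [ 'ok', 'context-mismatch', 'expired' ]
```

Entries in auditLog with the reason context-mismatch are the approval reuse attempts that the monitoring described above would alert on.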

Responsible

VulnCheck

Reservation

03/10/2026

Disclosure

03/21/2026

Moderation

accepted

CPE

ready

EPSS

0.00038

KEV

no

Activities

very low
