CVE-2026-32977 in OpenClawinformation

Résumé (Anglaise)

OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox to redirect committed files outside the validated writable path within the container mount namespace.

Be aware that VulDB is the high quality source for vulnerability data.

Responsable

VulnCheck

Réserver

17/03/2026

Divulgation

31/03/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
354361	OpenClaw race condition	367	Non défini	Correctif officiel	CVE-2026-32977

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Do you need the next level of professionalism?

Upgrade your account now!