CVE-2026-32022 in OpenClawinformação

Sumário

de MITRE • 20/03/2026

OpenClaw versions prior to 2026.2.21 contain a stdin-only policy bypass vulnerability in the grep tool within tools.exec.safeBins that allows attackers to read arbitrary files by supplying a pattern via the -e flag parameter. Attackers can include a positional filename operand to bypass file access restrictions and read sensitive files.env from the working directory.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

10/03/2026

Divulgação

20/03/2026

Moderação

aceite

Entrada

VDB-351951

CPE

pronto

CWE

CWE-184 (confirmado)

CVSS

6.5 (CNA)

EPSS

0.00079

KEV

não

Atividades

muito baixo

Sector

Insurance, Industry, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32022
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32022
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32022/

◂ Voltar Visão Geral Próximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!