CVE-2026-32918 in OpenClaw信息

摘要 (英语)

OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandboxed subagents to access parent or sibling session state. Attackers can supply arbitrary sessionKey values to read or modify session data outside their sandbox scope, including persisted model overrides.

负责

VulnCheck

预定

2026-03-16

披露

2026-03-29

条目

已发布	基础	临时	漏洞	CWE	产品	可利用	对策	EPSS	CTI	CVE
2026-03-29	6.8	6.7	OpenClaw session_status 权限提升	863	Artificial Intelligence Software	未定义	官方修复	0.00000	5.64	CVE-2026-32918

显示更多

描述
更改
网络威胁情报
API/JSON

◂ 上一步一览下一步 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!