
CVE-2026-28479

Severity: High · Public PoC

Published: 05 March 2026
Modified: 17 March 2026
KEV Added: not listed
Patch: available (OpenClaw 2026.2.15)
CVSS v4 score: 8.7 (vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0018 (7.6th percentile)
Risk priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-28479 is a high-severity Use of a Broken or Risky Cryptographic Algorithm (CWE-327) vulnerability in OpenClaw (vendor/product: Openclaw Openclaw). Its CVSS v4 base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 7.6th percentile by exploit likelihood (EPSS), below the median; it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-28479, published on 2026-03-05, affects OpenClaw versions prior to 2026.2.15 and is classified under CWE-327 (Broken or Risky Cryptographic Algorithm). The vulnerability arises from the use of the deprecated SHA-1 hashing algorithm to generate cache keys for sandbox identifiers in Docker and browser sandbox configurations. SHA-1's susceptibility to collision attacks enables cache poisoning, where an attacker can cause one sandbox configuration to be misinterpreted as another, leading to unsafe reuse of sandbox state.

The issue is exploitable by a remote network attacker with no privileges and no user interaction, at low attack complexity (CVSS v3.1 score 7.5: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). By crafting inputs with colliding SHA-1 hashes, the attacker can poison the sandbox identifier cache, tricking the system into associating an attacker-controlled configuration with a legitimate one. The result is a high confidentiality impact: reused sandbox state can expose sensitive data to a party that should never have had access to it.

Mitigation is provided in OpenClaw version 2026.2.15 and later. The patching commit is available at https://github.com/openclaw/openclaw/commit/559c8d9930eebb5356506ff1a8cd3dbaec92be77, with further details in the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-fh3f-q9qw-93j9 and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-cache-poisoning-via-deprecated-sha-hash-in-sandbox-configuration.
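As an added illustration (not OpenClaw's code, and not taken from the advisory or the patch commit), the following Python models the weakness class described above and the defender's fix: derive the cache key with SHA-256 over a canonical serialisation of the configuration, and verify the stored configuration on lookup so that even a colliding key cannot hand back another sandbox's state. The configuration fields, the two cache classes, the `simulate_collision` helper and the `is_affected` version check are assumptions made for the demo; the 8-bit `toy_weak_key` stands in for a collision-prone hash so the failure mode can be reproduced offline without a real SHA-1 collision.

```python
"""Added example, not OpenClaw's code: sandbox cache keys that resist collisions.

Everything here is hypothetical: the configuration fields, the two cache
classes, the toy key function and the version check are assumptions made
for the demonstration, not the project's real API.
"""
import hashlib
import json
from typing import Any, Callable, Dict, Optional, Tuple

Config = Dict[str, Any]
KeyFn = Callable[[Config], str]


def canonical_config(config: Config) -> bytes:
    # Canonical JSON (sorted keys, fixed separators): equal configurations
    # always serialise identically, so the hash input is unambiguous.
    return json.dumps(config, sort_keys=True, separators=(",", ":")).encode("utf-8")


def weak_cache_key(config: Config) -> str:
    # The pattern the advisory describes: SHA-1 over the configuration.
    return hashlib.sha1(canonical_config(config)).hexdigest()


def strong_cache_key(config: Config) -> str:
    # Hardened form: a collision-resistant hash over the same canonical input.
    return hashlib.sha256(canonical_config(config)).hexdigest()


def toy_weak_key(config: Config) -> str:
    # Stand-in for a collision-prone hash: 8 bits of output, so two different
    # configurations collide after a few hundred candidates. It models the
    # weakness class so the failure mode can be reproduced offline; it is not
    # SHA-1 and says nothing about colliding SHA-1 itself.
    return hashlib.sha256(canonical_config(config)).hexdigest()[:2]


class NaiveCache:
    """Keys sandbox state by hash only: whatever shares the key gets the state."""

    def __init__(self, key_fn: KeyFn) -> None:
        self._key_fn = key_fn
        self._entries: Dict[str, Tuple[bytes, str]] = {}

    def put(self, config: Config, state: str) -> None:
        self._entries[self._key_fn(config)] = (canonical_config(config), state)

    def get(self, config: Config) -> Optional[str]:
        entry = self._entries.get(self._key_fn(config))
        return None if entry is None else entry[1]


class VerifiedCache(NaiveCache):
    """Same lookup, but the stored canonical configuration must match exactly.

    A colliding key then yields a miss instead of another sandbox's state,
    which closes the poisoning path regardless of the hash's strength."""

    def get(self, config: Config) -> Optional[str]:
        entry = self._entries.get(self._key_fn(config))
        if entry is None or entry[0] != canonical_config(config):
            return None
        return entry[1]


def simulate_collision(key_fn: KeyFn, base: Config, max_tries: int = 100_000) -> Config:
    """Return a configuration differing from `base` but sharing its cache key.

    Only practical against the toy key; used here to test a cache's behaviour."""
    target = key_fn(base)
    for i in range(max_tries):
        other = dict(base, name=f"other-{i}")
        if other != base and key_fn(other) == target:
            return other
    raise RuntimeError("no collision found within max_tries")


def poisoning_possible(cache_cls: type, key_fn: KeyFn) -> bool:
    """True if a colliding configuration is served the legitimate sandbox's state."""
    legit: Config = {  # constructed sample configuration
        "kind": "docker", "image": "app:1.0", "name": "legit", "network": "none",
    }
    cache = cache_cls(key_fn)
    cache.put(legit, "state-for-legit")
    other = simulate_collision(key_fn, legit)
    return cache.get(other) == "state-for-legit"


def is_affected(version: str, fixed: str = "2026.2.15") -> bool:
    """Version check from the advisory text: releases before 2026.2.15 are affected."""
    parse = lambda v: tuple(int(p) for p in v.split("."))
    return parse(version) < parse(fixed)


if __name__ == "__main__":
    print("naive cache, collision-prone key    ->", poisoning_possible(NaiveCache, toy_weak_key))
    print("verified cache, collision-prone key ->", poisoning_possible(VerifiedCache, toy_weak_key))
    print("2026.2.14 affected:", is_affected("2026.2.14"), "| 2026.2.15 affected:", is_affected("2026.2.15"))
```

The two defences are independent: swapping SHA-1 for SHA-256 removes the practical collision, while verifying the stored configuration on lookup means the cache's safety no longer rests on the hash at all. The verified cache costs one extra byte comparison per hit and is the cheaper of the two to reason about during review.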

Vulnerability details

OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache poisoning, allowing one sandbox configuration to be misinterpreted as another and enabling unsafe sandbox state reuse.

CWE(s)

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1005 Data from Local System (Collection): Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

Why these techniques?

Remote unauthenticated network exploitation of public-facing sandbox cache logic (T1190) directly enables unauthorized access to sensitive data via poisoned sandbox state reuse (T1005).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-32024 (same product: Openclaw Openclaw)
CVE-2026-33581 (same product: Openclaw Openclaw)
CVE-2026-32030 (same product: Openclaw Openclaw)
CVE-2026-32013 (same product: Openclaw Openclaw)
CVE-2026-29611 (same product: Openclaw Openclaw)
CVE-2026-32033 (same product: Openclaw Openclaw)
CVE-2026-42438 (same product: Openclaw Openclaw)
CVE-2026-28462 (same product: Openclaw Openclaw)
CVE-2026-32026 (same product: Openclaw Openclaw)
CVE-2026-43532 (same product: Openclaw Openclaw)

Affected Assets

Vendor: openclaw
Product: openclaw
Versions: ≤ 2026.2.15 (the analysis above states that releases prior to 2026.2.15 are affected and that 2026.2.15 is the fixed release)

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

SC-13 Cryptographic Protection (prevent)
Requires implementation of strong cryptographic protections, directly preventing use of deprecated SHA-1 hashing vulnerable to collision attacks in sandbox identifier cache keys.

SI-2 Flaw Remediation (prevent)
Mandates timely flaw remediation, such as patching OpenClaw to version 2026.2.15 or later to eliminate the SHA-1 cache poisoning vulnerability.

Vulnerability scanning (detect)
Facilitates vulnerability scanning to identify and detect the use of weak SHA-1 in sandbox configurations as in CVE-2026-28479.
