CVE-2026-29612
Published: 05 March 2026
Summary
CVE-2026-29612 is a medium-severity Allocation of Resources Without Limits or Throttling (CWE-770) vulnerability in OpenClaw (vendor OpenClaw, product OpenClaw). The base score shown in this summary is 6.8 (Medium); note that the CVSS v3.1 vector given in the deeper analysis below computes to 5.5, so the two scores on this page do not agree.
Operationally, exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004, a sub-technique of Endpoint Denial of Service). The CVE ranks at the 38th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations identified by this analysis are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-29612, published on 2026-03-05, affects OpenClaw versions prior to 2026.2.14. The software decoded base64-backed media inputs into buffers first and only then compared the decoded size against the configured budget, so the allocation the budget was meant to prevent had already happened by the time the check ran. Any input that reached the decoder could therefore force a heap allocation of roughly three quarters of the encoded payload's length. The issue is classified as CWE-770 (Allocation of Resources Without Limits or Throttling) and carries a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H): medium severity, with the score driven entirely by the high availability impact (A:H) and no confidentiality or integrity impact.
Per the CVSS vector, a local attacker with low privileges (AV:L/PR:L) can trigger the flaw by supplying oversized base64 payloads as media inputs; the official description, however, says remote attackers can do so, and the page does not resolve that inconsistency. Because base64 expands data by only 4:3, the attacker gains little amplification from the encoding itself; the exposure is that the decoder commits memory before the media budget is consulted, so the effective ceiling on the allocation is whatever bounds the request body rather than the intended media limit. Successful exploitation leads to memory pressure and denial of service through excessive resource consumption.
Mitigation is addressed in the referenced advisories and patch. The GitHub commit https://github.com/openclaw/openclaw/commit/31791233d60495725fa012745dde8d6ee69e9595 changes the decoding logic to enforce the size limit before the buffer is allocated. The OpenClaw security advisory (https://github.com/openclaw/openclaw/security/advisories/GHSA-w2cg-vxx6-5xjg) and the VulnCheck advisory (https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-large-base-media-file-decoding) recommend upgrading to OpenClaw 2026.2.14 or later.
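The decode-then-check ordering described above, shown next to a hardened version that bounds the allocation before it happens. This is an added example for Node.js, not OpenClaw's code or its patch; the function names, the 10 MiB budget, and the strict-alphabet rule are assumptions made for illustration. The hardened path derives the decoded size from the base64 text alone (4 characters yield 3 bytes, a trailing group of 2 or 3 yields 1 or 2) and also caps the encoded length, so an oversized payload is rejected without any decoded buffer being allocated.

```javascript
// Added example (not OpenClaw's code). Shows the CWE-770 ordering bug described
// for CVE-2026-29612 next to a hardened version that bounds the allocation
// before it happens. Function names and the 10 MiB budget are assumptions.
const MAX_DECODED_BYTES = 10 * 1024 * 1024; // hypothetical media budget

// Vulnerable ordering: Buffer.from() allocates and fills the whole decoded
// buffer first; the budget comparison runs only after that memory is committed.
function decodeMediaUnsafe(b64, budget = MAX_DECODED_BYTES) {
  const buf = Buffer.from(b64, "base64"); // allocates ~3/4 * b64.length bytes
  if (buf.length > budget) {
    throw new RangeError(`decoded media is ${buf.length} bytes, budget ${budget}`);
  }
  return buf;
}

// Strict base64 / base64url alphabet with optional '=' padding and no whitespace.
// Rejecting everything else keeps the length arithmetic below exact.
const B64_STRICT = /^[A-Za-z0-9+\/_-]*={0,2}$/;

// Decoded size computed from the text alone, without allocating anything:
// every 4 encoded characters yield 3 bytes, and a trailing group of 2 or 3
// characters yields 1 or 2 bytes. A trailing group of 1 character is invalid.
function decodedBase64Length(b64) {
  if (!B64_STRICT.test(b64)) throw new TypeError("input is not strict base64");
  const padding = b64.endsWith("==") ? 2 : b64.endsWith("=") ? 1 : 0;
  const body = b64.length - padding;
  const rem = body % 4;
  if (rem === 1) throw new TypeError("invalid base64 length");
  return Math.floor(body / 4) * 3 + (rem === 0 ? 0 : rem - 1);
}

// Hardened ordering: bound the encoded text, then the computed decoded size,
// and only then allocate. Returns the decoded Buffer.
function decodeMediaSafe(b64, budget = MAX_DECODED_BYTES) {
  // A compliant encoding of `budget` bytes is at most ceil(budget/3)*4 chars,
  // so longer input is rejected before even the regex scan runs.
  const maxEncoded = Math.ceil(budget / 3) * 4;
  if (b64.length > maxEncoded) {
    throw new RangeError(`encoded media is ${b64.length} chars, max ${maxEncoded}`);
  }
  const expected = decodedBase64Length(b64);
  if (expected > budget) {
    throw new RangeError(`decoded media would be ${expected} bytes, budget ${budget}`);
  }
  const buf = Buffer.from(b64, "base64"); // allocation now happens within budget
  if (buf.length !== expected) throw new Error("decoder disagreed with pre-check");
  return buf;
}

// Reports how each implementation handled a payload: the unsafe path can only
// reject after the decoded buffer exists, the safe path rejects before it does.
function compareDecoders(payload, budget) {
  const outcome = {};
  try { decodeMediaUnsafe(payload, budget); outcome.unsafe = "accepted"; }
  catch (e) { outcome.unsafe = e instanceof RangeError ? "rejected-after-alloc" : "error"; }
  try { decodeMediaSafe(payload, budget); outcome.safe = "accepted"; }
  catch (e) { outcome.safe = e instanceof RangeError ? "rejected-before-alloc" : "error"; }
  return outcome;
}

// Constructed sample: 4 MiB of 'A' characters decodes to 3 MiB, well over a 1 MiB budget.
const oversized = "A".repeat(4 * 1024 * 1024);
console.log(compareDecoders(oversized, 1024 * 1024));
// { unsafe: 'rejected-after-alloc', safe: 'rejected-before-alloc' }
```

Both functions reject the oversized sample, which is the point: a test that only checks the error would pass against the vulnerable code too. The difference is that `decodeMediaUnsafe` has already allocated the 3 MiB buffer when it throws, while `decodeMediaSafe` never calls the decoder. The pre-check accepts both the standard and URL-safe alphabets because Node's `"base64"` decoder accepts both; it deliberately rejects embedded whitespace, which Node's decoder would otherwise skip, so that the computed length is exact rather than an estimate.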
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-9936
Vulnerability details
OpenClaw versions prior to 2026.2.14 decode base64-backed media inputs into buffers before enforcing decoded-size budget limits, allowing attackers to trigger large memory allocations. Remote attackers can supply oversized base64 payloads to cause memory pressure and denial of service.
- CWE(s): CWE-770 (Allocation of Resources Without Limits or Throttling)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1499.004 Endpoint Denial of Service: Application or System Exploitation
Why these techniques?
A denial of service caused by an unbounded base64 media decode that allocates excessive memory is a direct instance of exploiting an application to deny endpoint availability (T1499.004).
Affected Assets
- OpenClaw, versions prior to 2026.2.14
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): enforce validation of base64 media input size before any decoding or buffer allocation occurs, directly blocking the oversized-payload path in CVE-2026-29612.
- SC-5 (Denial-of-service Protection): require denial-of-service protections that limit resource exhaustion from unbounded memory allocations triggered by crafted base64 inputs.
- Resource availability: mandate controls on resource availability to prevent a single local process from consuming excessive memory via unchecked base64 decoding.