CVE-2026-32015
Published: 19 March 2026
Summary
CVE-2026-32015 is a high-severity Untrusted Search Path (CWE-426) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 CM-10 (Software Usage Restrictions) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the path hijacking vulnerability by requiring timely remediation through upgrade to OpenClaw version 2026.2.19 or later as recommended in the advisory.
Enforces deny-by-default execution of only authorized software programs, preventing trojan binaries from running even if masquerading as allowlisted names like jq via PATH manipulation.
Requires secure configuration of the gateway process environment, including a hardened PATH excluding attacker-influenced directories, to block path hijacking attempts.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path hijacking (CWE-426) via PATH manipulation directly enables T1574.007 for trojan binary execution bypassing allowlists and T1068 for local privilege escalation to high C/I/A impact.
NVD Description
OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a path hijacking vulnerability in tools.exec.safeBins that allows attackers to bypass allowlist checks by controlling process PATH resolution. Attackers who can influence the gateway process PATH or launch environment can execute trojan binaries…
more
with allowlisted names, such as jq, circumventing executable validation controls.
Deeper analysisAI
CVE-2026-32015 is a path hijacking vulnerability (CWE-426) affecting OpenClaw versions 2026.1.21 prior to 2026.2.19, specifically in the tools.exec.safeBins component. The flaw enables attackers to bypass allowlist checks by manipulating process PATH resolution, allowing execution of trojan binaries masquerading as allowlisted names like jq and circumventing executable validation controls. Published on 2026-03-19, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high impact with local access.
Local attackers with low privileges (PR:L) who can influence the gateway process PATH or launch environment are positioned to exploit this issue. By controlling PATH resolution, they can trick the safeBins mechanism into executing arbitrary malicious binaries under trusted names, leading to high confidentiality, integrity, and availability impacts without requiring user interaction.
Advisories recommend upgrading to OpenClaw version 2026.2.19 or later to mitigate the vulnerability, as detailed in the GitHub security advisory (GHSA-g75x-8qqm-2vxp) and the associated fix commit (28bac46c92069dc728524fbf383024c1b64e5c23). Additional analysis is available from VulnCheck at https://www.vulncheck.com/advisories/openclaw-path-hijacking-bypass-in-tools-exec-safebins-allowlist-validation.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Other AI Platforms
- Risk Domain
- N/A
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: trojan