CVE-2026-32046
Published: 21 March 2026
Summary
CVE-2026-32046 is a medium-severity Initialization of a Resource with an Insecure Default (CWE-1188) vulnerability in Openclaw Openclaw. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Escape to Host (T1611); ranked at the 5.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SC-39 (Process Isolation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Mandates process isolation mechanisms like OS-level sandboxing to contain renderer-side vulnerabilities and prevent host code execution.
Enforces secure configuration settings for the Chromium browser container to ensure OS-level sandbox protections are enabled and not disabled.
Requires software-enforced separation policies that directly mitigate improper sandbox configurations allowing renderer exploits to bypass isolation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Disabled Chromium container sandbox directly enables container-to-host escape for code execution (T1611) and facilitates exploitation of renderer vulnerabilities to achieve arbitrary code execution without a sandbox escape step (T1203).
NVD Description
OpenClaw versions prior to 2026.2.21 contain an improper sandbox configuration vulnerability that allows attackers to execute arbitrary code by exploiting renderer-side vulnerabilities without requiring a sandbox escape. Attackers can leverage the disabled OS-level sandbox protections in the Chromium browser container…
more
to achieve code execution on the host system.
Deeper analysisAI
CVE-2026-32046 is an improper sandbox configuration vulnerability (CWE-1188) affecting OpenClaw versions prior to 2026.2.21. The flaw exists in the Chromium browser container, where OS-level sandbox protections are disabled, allowing attackers to execute arbitrary code by exploiting renderer-side vulnerabilities without requiring a traditional sandbox escape.
The vulnerability has a CVSS v3.1 base score of 5.3 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L), indicating exploitation requires local access and low privileges with low complexity and no user interaction. A local attacker can leverage the disabled sandboxing to bypass protections and achieve code execution on the host system.
Mitigation is addressed in OpenClaw version 2026.2.21 and later via patches in GitHub commits 1835dec2004fe7a62c6a7ba46b8485f124ec6199 and e7eba01efc4c3c400e9cfd3ce3d661cbc788a631. Further details on the issue and remediation are provided in the OpenClaw security advisory at GHSA-43x4-g22p-3hrq and the VulnCheck advisory at www.vulncheck.com/advisories/openclaw-os-level-sandbox-bypass-via-no-sandbox-flag.
Details
- CWE(s)