Cyber Posture

CVE-2026-32056

High · Public PoC · RCE

Published: 21 March 2026
Modified: 23 March 2026
KEV Added: not listed (not in the CISA KEV catalog at time of writing)
Patch: available (OpenClaw 2026.2.22 and later)
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0016 (37.0th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-32056 is a high-severity OS Command Injection (CWE-78) vulnerability in OpenClaw (vendor openclaw, product openclaw). Its CVSS v3.1 base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004). EPSS ranks it at the 37.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Unix Shell (T1059.004) and one other technique, Exploitation for Stealth (T1211), both listed below. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)
Directly requires sanitization and validation of environment variables such as HOME and ZDOTDIR at the input points of system.run, preventing injection of malicious shell startup files.

SI-2 Flaw Remediation (prevent)
Mandates timely remediation of the specific flaw by patching to OpenClaw 2026.2.22 or later, where environment variable sanitization is implemented.

CM-7 Least Functionality (prevent)
Restricts the application to least functionality by prohibiting unnecessary shell environment processing or startup file execution, mitigating allowlist bypass risks.

MITRE ATT&CK Enterprise Techniques

T1059.004 Unix Shell (Execution)
Adversaries may abuse Unix shell commands and scripts for execution.
T1211 Exploitation for Stealth (Stealth)
Adversaries may exploit vulnerabilities to evade detection by hiding activity, suppressing logging, or operating within trusted or unmonitored components.
Why these techniques?

The vulnerability enables OS command injection via unsanitized Unix shell environment variables (HOME, ZDOTDIR), allowing arbitrary Unix shell command execution (T1059.004) and bypass of command allowlist defenses (T1211).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

OpenClaw versions prior to 2026.2.22 fail to sanitize shell startup environment variables HOME and ZDOTDIR in the system.run function, allowing attackers to bypass command allowlist protections. Remote attackers can inject malicious startup files such as .bash_profile or .zshenv to achieve arbitrary code execution before allowlist-evaluated commands are executed.

Deeper analysis

CVE-2026-32056 is an OS command injection vulnerability (CWE-78) in OpenClaw versions prior to 2026.2.22. The issue resides in the system.run function, which fails to sanitize shell startup environment variables HOME and ZDOTDIR. This flaw enables attackers to bypass the application's command allowlist protections by manipulating these variables.

The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H): reachable over the network, high attack complexity, low privileges required, no user interaction, unchanged scope, and high impact on confidentiality, integrity and availability. A remote attacker with low privileges who can influence the environment handed to system.run points HOME or ZDOTDIR at a directory they control and plants a startup file such as .bash_profile or .zshenv there. The shell sources that file as it starts, so the attacker's code runs before the allowlist-evaluated command does, and the allowlist check never sees it.

Mitigation is addressed in OpenClaw version 2026.2.22 and later. The GitHub commit c2c7114ed39a547ab6276e1e933029b9530ee906 implements the fix by properly sanitizing the relevant environment variables. Additional details are available in the GitHub security advisory GHSA-xgf2-vxv2-rrmg and the VulnCheck advisory on remote code execution via shell startup environment variable injection.

Details

CWE(s)

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected Products

openclaw / openclaw, versions prior to 2026.2.22 (fixed in 2026.2.22)

CVEs Like This One

CVE-2026-32010 (same product: openclaw/openclaw)
CVE-2026-22179 (same product: openclaw/openclaw)
CVE-2026-31996 (same product: openclaw/openclaw)
CVE-2026-28460 (same product: openclaw/openclaw)
CVE-2026-28463 (same product: openclaw/openclaw)
CVE-2026-32003 (same product: openclaw/openclaw)
CVE-2026-27566 (same product: openclaw/openclaw)
CVE-2026-32917 (same product: openclaw/openclaw)
CVE-2026-26323 (same product: openclaw/openclaw)
CVE-2026-32000 (same product: openclaw/openclaw)
