Cyber Posture

CVE-2026-32060

High · Public PoC

Published: 11 March 2026
Modified: 16 March 2026
KEV Added: not listed
Patch: available (see Deeper analysis)
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0064 (70.6th percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-32060 is a high-severity Path Traversal (CWE-22) vulnerability in OpenClaw (vendor OpenClaw, product OpenClaw). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 29.4% of CVEs by exploit likelihood (EPSS), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SC-39 (Process Isolation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI-generated]

prevent: Directly addresses path traversal by requiring validation and error handling of crafted path inputs to the apply_patch function, blocking directory traversal sequences and absolute paths.

prevent (SC-39, Process Isolation): Enforces process isolation through filesystem sandbox containment, restricting apply_patch file write/delete operations to the configured workspace directory.

prevent (CM-7, Least Functionality): Limits the system to least functionality by prohibiting or restricting the apply_patch feature when it is not essential, preventing exploitation of the vulnerable component.

MITRE ATT&CK Enterprise Techniques [AI-generated]

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The path traversal vulnerability lets low-privileged remote attackers write, delete or modify arbitrary files outside the sandboxed workspace, which directly supports exploitation for privilege escalation up to full system compromise.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in apply_patch that allows attackers to write or delete files outside the configured workspace directory. When apply_patch is enabled without filesystem sandbox containment, attackers can exploit crafted paths including directory traversal sequences or absolute paths to escape workspace boundaries and modify arbitrary files.

Deeper analysis [AI-generated]

CVE-2026-32060 is a path traversal vulnerability (CWE-22) affecting OpenClaw versions prior to 2026.2.14, specifically in the apply_patch component. This flaw allows attackers to write or delete files outside the configured workspace directory by exploiting crafted paths that include directory traversal sequences or absolute paths. The vulnerability arises when apply_patch is enabled without filesystem sandbox containment, enabling escape of workspace boundaries. It has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-03-11.

Attackers with low privileges, such as authenticated users with network access to the system, can exploit this vulnerability remotely with low complexity and no user interaction required. By supplying malicious paths to apply_patch, they can modify arbitrary files on the filesystem, potentially leading to full system compromise through data exfiltration, persistence, or disruption of critical services.

Mitigation is addressed in the OpenClaw GitHub security advisory (GHSA-r5fq-947m-xm57) and a related commit (5544646a09c0121fca7d7093812dc2de8437c7f1) that patches the issue; users should upgrade to OpenClaw 2026.2.14 or later. Additional details are available in the VulnCheck advisory on the path traversal via crafted paths. Disabling apply_patch or enabling filesystem sandboxing provides interim protection.

Details

CWE(s): CWE-22 (Path Traversal)

Affected Products

Vendor: openclaw
Product: openclaw
Versions: ≤ 2026.2.14

CVEs Like This One

CVE-2026-27523 (same product: Openclaw Openclaw)
CVE-2026-32007 (same product: Openclaw Openclaw)
CVE-2026-28393 (same product: Openclaw Openclaw)
CVE-2026-41404 (same product: Openclaw Openclaw)
CVE-2026-35645 (same product: Openclaw Openclaw)
CVE-2026-41383 (same product: Openclaw Openclaw)
CVE-2026-41329 (same product: Openclaw Openclaw)
CVE-2026-32030 (same product: Openclaw Openclaw)
CVE-2026-35663 (same product: Openclaw Openclaw)
CVE-2026-33581 (same product: Openclaw Openclaw)

References