CVE-2026-32978
Published: 29 March 2026
Summary
CVE-2026-32978 is a high-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw. Its CVSS base score is 8.0 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique JavaScript (T1059.007). The vulnerability ranks at the 14.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-5 (Access Restrictions for Change) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) (AI-generated)
- SI-2 (Flaw Remediation): Directly mitigates the vulnerability by requiring timely installation of the OpenClaw 2026.3.11 patch, which fixes the improper binding of mutable file operands in system.run approvals.
- Requires integrity checks on scripts and files to detect unauthorized modifications between approval and execution, preventing tampered code from running under the approved context.
- CM-5 (Access Restrictions for Change): Restricts low-privilege attackers from rewriting referenced mutable scripts by limiting change access to authorized personnel or roles.
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
The vulnerability is a TOCTOU flaw in script-approval binding for JS/TS runners (tsx/jiti). It directly enables arbitrary script execution (T1059.007) after user approval and facilitates privilege escalation (T1068), as reflected in the changed scope and high CIA impact.
NVD Description
OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain approval for benign script commands, rewrite referenced scripts on disk, and execute modified code under the approved run context.
Deeper analysis (AI-generated)
CVE-2026-32978 is an approval integrity vulnerability in OpenClaw versions prior to 2026.3.11, published on 2026-03-29. The issue affects the system.run approval mechanism, which fails to properly bind mutable file operands when certain script runners such as tsx and jiti are used. The flaw, classified under CWE-863 (Incorrect Authorization), has a CVSS v3.1 base score of 8.0 (AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H): high severity, network-accessible, but requiring low privileges, high attack complexity, and user interaction.
An attacker with low privileges can exploit this vulnerability by submitting benign-looking script commands that reference mutable files and getting a user to approve their execution through the system's approval process. Because the approval binds the command but not the content of the referenced files, the attacker can rewrite those scripts on disk after approval but before execution, so the modified code runs under the context of the original approval. This enables high-impact confidentiality, integrity, and availability violations with changed scope.
Advisories, including those from the OpenClaw GitHub security page (GHSA-qc36-x95h-7j53) and VulnCheck, detail the vulnerability and recommend updating to OpenClaw 2026.3.11 or later to mitigate the issue by ensuring proper binding of file operands during approvals.
Details
- CWE(s)