Improper access control in OpenClaw - CVE-2026-32038
Published: May 1, 2026
OpenClaw
Description
The vulnerability allows a remote user to bypass sandbox network isolation.
The vulnerability exists due to improper access control in sandbox Docker network mode validation when processing trusted sandbox network configuration. A remote user can set the sandbox network mode to container:<id> to bypass sandbox network isolation.
Exploitation requires the ability to influence trusted sandbox network configuration, such as agents.defaults.sandbox.docker.network, and may allow access to services reachable within another container's network namespace.
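A defensive check for the configuration key named above, as an added example (not OpenClaw's code or its fix): it walks a configuration object and flags every sandbox.docker.network value that uses container:<id>. The function names, the agents.list layout and the sample values are assumptions made for illustration.

```javascript
// Added example: audit a configuration object for sandbox Docker network
// modes that join another container's network namespace.

// Classify one network mode value. Matching is done on a trimmed,
// lower-cased copy so the check is conservative about case and whitespace.
function classifyNetworkMode(value) {
  if (typeof value !== "string") return "invalid";
  const mode = value.trim().toLowerCase();
  if (mode === "") return "invalid";
  // container:<id> places the sandbox in the target container's network
  // namespace, so it can reach whatever that container can reach.
  if (mode.startsWith("container:")) return "shared-namespace";
  return "ok";
}

// Walk the whole object tree and report every key path that ends in
// sandbox.docker.network, so defaults and any overrides are both covered.
function auditSandboxNetworks(config) {
  const findings = [];
  const walk = (node, path) => {
    if (node === null || typeof node !== "object") return;
    for (const [key, child] of Object.entries(node)) {
      const here = path.concat(key);
      if (here.slice(-3).join(".") === "sandbox.docker.network") {
        const verdict = classifyNetworkMode(child);
        if (verdict !== "ok") findings.push({ path: here.join("."), value: child, verdict });
      } else {
        walk(child, here);
      }
    }
  };
  walk(config, []);
  return findings;
}

// Constructed sample configuration (hypothetical layout, not from OpenClaw).
const sampleConfig = {
  agents: {
    defaults: { sandbox: { docker: { network: "container:abc123" } } },
    list: [
      { id: "a", sandbox: { docker: { network: "none" } } },
      { id: "b", sandbox: { docker: { network: "Container:db" } } },
    ],
  },
};

console.log(auditSandboxNetworks(sampleConfig));
```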