Execution with unnecessary privileges in OpenClaw - CVE-2026-27002

Published: May 4, 2026


Vulnerability identifier: #VU129423
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-27002
CWE-ID: CWE-250
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote user to escape the Docker tool sandbox and disclose sensitive host information or gain control of the host.

The vulnerability exists due to missing validation of the sandbox Docker configuration in the Docker tool sandbox: options that weaken container isolation are passed through to the container runtime. A remote user who can influence that configuration can inject dangerous Docker options such as bind mounts of host paths, host networking, or unconfined seccomp or AppArmor profiles, so that code running in the sandbox executes with privileges it does not need (CWE-250) and can read host data or take control of the host.

Exploitation requires the ability to influence the sandbox Docker configuration, or a user interaction in which an operator pastes untrusted configuration (reflected in the PR:L and UI:A metrics of the vector above).
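The check the advisory describes as missing is a reject-by-default audit of the sandbox Docker options before they reach the container runtime. The following TypeScript is an added example written for this page; it is not OpenClaw's code, and the configuration shape (the field names `network`, `pid`, `privileged`, `binds`, `securityOpt`, `capAdd`) is a hypothetical Docker-style subset, as is the sample pasted configuration. It flags each of the option classes named above, plus privileged mode and host PID namespace, which belong to the same class of isolation-breaking settings.

```typescript
// Added example, not OpenClaw's own code. The config shape below is a
// hypothetical Docker-style subset of a sandbox configuration.
type SandboxDockerConfig = {
  image: string;
  network?: string;        // e.g. "bridge", "none", "host"
  pid?: string;            // e.g. "host"
  privileged?: boolean;
  binds?: string[];        // "hostPath:containerPath[:opts]"
  securityOpt?: string[];  // e.g. "seccomp=unconfined", "apparmor=unconfined"
  capAdd?: string[];       // e.g. "SYS_ADMIN" or "CAP_SYS_ADMIN"
};

type Finding = { field: string; value: string; reason: string };

// Capabilities that give a container effective control over the host.
const DANGEROUS_CAPS = new Set(["ALL", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "NET_ADMIN"]);

// Returns every isolation-breaking option found in the config. An empty
// result means the config only uses options the sandbox is allowed to set.
function auditSandboxDockerConfig(cfg: SandboxDockerConfig): Finding[] {
  const findings: Finding[] = [];
  if (cfg.privileged === true) {
    findings.push({ field: "privileged", value: "true", reason: "disables container isolation" });
  }
  if (cfg.network === "host") {
    findings.push({ field: "network", value: "host", reason: "joins the host network namespace" });
  }
  if (cfg.pid === "host") {
    findings.push({ field: "pid", value: "host", reason: "exposes host processes" });
  }
  for (const bind of cfg.binds ?? []) {
    // Any bind mount exposes a host path; "/" and the Docker socket are the worst cases.
    const hostPath = bind.split(":")[0];
    findings.push({ field: "binds", value: bind, reason: `bind mount of host path ${hostPath}` });
  }
  for (const opt of cfg.securityOpt ?? []) {
    // Both "seccomp=unconfined" and "seccomp:unconfined" spellings are seen in the wild.
    if (/^(seccomp|apparmor)[=:]unconfined$/i.test(opt)) {
      findings.push({ field: "securityOpt", value: opt, reason: "removes a kernel confinement profile" });
    }
  }
  for (const cap of cfg.capAdd ?? []) {
    const normalized = cap.toUpperCase().replace(/^CAP_/, "");
    if (DANGEROUS_CAPS.has(normalized)) {
      findings.push({ field: "capAdd", value: cap, reason: "grants a host-control capability" });
    }
  }
  return findings;
}

// Reject-by-default: callers receive the unchanged config or an error,
// never a partially sanitized one.
function requireSafeSandboxDockerConfig(cfg: SandboxDockerConfig): SandboxDockerConfig {
  const findings = auditSandboxDockerConfig(cfg);
  if (findings.length > 0) {
    const detail = findings.map((f) => `${f.field}=${f.value} (${f.reason})`).join("; ");
    throw new Error(`unsafe sandbox Docker configuration rejected: ${detail}`);
  }
  return cfg;
}

// Constructed sample of a pasted "helpful" configuration that escapes the sandbox.
const UNTRUSTED_CONFIG: SandboxDockerConfig = {
  image: "example/sandbox:latest",
  network: "host",
  binds: ["/var/run/docker.sock:/var/run/docker.sock", "/:/host:ro"],
  securityOpt: ["seccomp=unconfined"],
  capAdd: ["CAP_SYS_ADMIN"],
};

// Constructed sample of a configuration the audit accepts.
const SAFE_CONFIG: SandboxDockerConfig = {
  image: "example/sandbox:latest",
  network: "none",
  securityOpt: ["no-new-privileges"],
};

for (const f of auditSandboxDockerConfig(UNTRUSTED_CONFIG)) {
  console.log(`${f.field}: ${f.value} -> ${f.reason}`);
}
```

Validating at the boundary where operator- or model-supplied configuration enters the system, and failing closed, is what keeps a pasted or injected option from ever reaching `docker run`.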


How to mitigate CVE-2026-27002

Install the security update from the vendor's website. Until it is applied, review the sandbox Docker configuration in use for bind mounts of host paths, host networking and unconfined seccomp or AppArmor profiles, and do not paste sandbox configuration from untrusted sources.

Sources