HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-32978 — OpenClaw before 2026.3.11 contains an approval integrity vulnerability where sys...

Sunday, March 29, 2026 at 01:17 PM UTC·Source: NIST NVD

Updated: Friday, April 3, 2026 at 09:52 PM UTC

Executive Summary

OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain approval for benign script commands, rewrite referenced scripts on disk, and execute modified code under the approved run context.

Analysis

OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain approval for benign script commands, rewrite referenced scripts on disk, and execute modified code under the approved run context. CVSS Score: 8. Published: 2026-03-29T13:17:01.963.

Indicators of Compromise (1)

CVE (1)
CVE-2026-32978
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Mar 29, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Inconsistent Privacy Labels Don't Tell Users What They Are Getting

Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.

Dark Reading
MEDIUMVulnerability

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data. [...]

BleepingComputer
MEDIUMVulnerability

FCC proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic

Voxbeam’s actions allegedly led to “financial impersonation robocalls” that were made to American consumers “ using “non-compliant and long dormant accounts,” the FCC said.

The Record