Vulnerability-Lookup

CNVD-2026-16621

Vulnerability from cnvd - Published: 2026-04-09

Title

OpenClaw授权问题漏洞（CNVD-2026-16621）

Description

OpenClaw是一款用于权限管理的命令行工具。 OpenClaw 2026.3.11之前版本存在安全漏洞，该漏洞源于system.run审批功能未能正确绑定tsx、jiti等特定脚本运行器的可变文件操作数。攻击者可利用该漏洞先获取良性脚本命令的审批，随后重写磁盘上被引用的脚本，进而在已审批的运行上下文中执行恶意修改后的代码。

Severity

高

Patch Name

OpenClaw授权问题漏洞（CNVD-2026-16621）的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://github.com/openclaw/openclaw/security/advisories/GHSA-qc36-x95h-7j53

Reference

https://nvd.nist.gov/vuln/detail/CVE-2026-32978

Impacted products

Name
OpenClaw OpenClaw <2026.3.11

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-32978",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-32978"
    }
  },
  "description": "OpenClaw\u662f\u4e00\u6b3e\u7528\u4e8e\u6743\u9650\u7ba1\u7406\u7684\u547d\u4ee4\u884c\u5de5\u5177\u3002\n\nOpenClaw 2026.3.11\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8esystem.run\u5ba1\u6279\u529f\u80fd\u672a\u80fd\u6b63\u786e\u7ed1\u5b9atsx\u3001jiti\u7b49\u7279\u5b9a\u811a\u672c\u8fd0\u884c\u5668\u7684\u53ef\u53d8\u6587\u4ef6\u64cd\u4f5c\u6570\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5148\u83b7\u53d6\u826f\u6027\u811a\u672c\u547d\u4ee4\u7684\u5ba1\u6279\uff0c\u968f\u540e\u91cd\u5199\u78c1\u76d8\u4e0a\u88ab\u5f15\u7528\u7684\u811a\u672c\uff0c\u8fdb\u800c\u5728\u5df2\u5ba1\u6279\u7684\u8fd0\u884c\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u6076\u610f\u4fee\u6539\u540e\u7684\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://github.com/openclaw/openclaw/security/advisories/GHSA-qc36-x95h-7j53",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-16621",
  "openTime": "2026-04-09",
  "patchDescription": "OpenClaw\u662f\u4e00\u6b3e\u7528\u4e8e\u6743\u9650\u7ba1\u7406\u7684\u547d\u4ee4\u884c\u5de5\u5177\u3002\r\n\r\nOpenClaw 2026.3.11\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8esystem.run\u5ba1\u6279\u529f\u80fd\u672a\u80fd\u6b63\u786e\u7ed1\u5b9atsx\u3001jiti\u7b49\u7279\u5b9a\u811a\u672c\u8fd0\u884c\u5668\u7684\u53ef\u53d8\u6587\u4ef6\u64cd\u4f5c\u6570\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5148\u83b7\u53d6\u826f\u6027\u811a\u672c\u547d\u4ee4\u7684\u5ba1\u6279\uff0c\u968f\u540e\u91cd\u5199\u78c1\u76d8\u4e0a\u88ab\u5f15\u7528\u7684\u811a\u672c\uff0c\u8fdb\u800c\u5728\u5df2\u5ba1\u6279\u7684\u8fd0\u884c\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u6076\u610f\u4fee\u6539\u540e\u7684\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OpenClaw\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2026-16621\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "OpenClaw OpenClaw \u003c2026.3.11"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2026-32978",
  "serverity": "\u9ad8",
  "submitTime": "2026-04-08",
  "title": "OpenClaw\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2026-16621\uff09"
}

CVE-2026-32978 (GCVE-0-2026-32978)

Vulnerability from cvelistv5 – Published: 2026-03-29 12:44 – Updated: 2026-03-30 14:31

Title

OpenClaw < 2026.3.11 - Approval Bypass via Unrecognized Script Runners

Summary

OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain approval for benign script commands, rewrite referenced scripts on disk, and execute modified code under the approved run context.

Severity ?

8 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-863 - Incorrect Authorization

Assigner

VulnCheck

References

URL

Tags

	https://github.com/openclaw/openclaw/security/adv…	third-party-advisory
	https://www.vulncheck.com/advisories/openclaw-app…	third-party-advisory

Impacted products

	Vendor	Product	Version
	OpenClaw	OpenClaw	Affected: 0 , < 2026.3.11 (semver) Unaffected: 2026.3.11 (semver)

Date Public ?

2026-03-12 00:00

Credits

tdjackey

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32978",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-30T14:30:21.362115Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-30T14:31:21.412Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/openclaw",
          "product": "OpenClaw",
          "vendor": "OpenClaw",
          "versions": [
            {
              "lessThan": "2026.3.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2026.3.11",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
                  "versionEndExcluding": "2026.3.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "tdjackey"
        }
      ],
      "datePublic": "2026-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain approval for benign script commands, rewrite referenced scripts on disk, and execute modified code under the approved run context."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-29T12:44:27.571Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GitHub Security Advisory (GHSA-qc36-x95h-7j53)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-qc36-x95h-7j53"
        },
        {
          "name": "VulnCheck Advisory: OpenClaw \u003c 2026.3.11 - Approval Bypass via Unrecognized Script Runners",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/openclaw-approval-bypass-via-unrecognized-script-runners"
        }
      ],
      "title": "OpenClaw \u003c 2026.3.11 - Approval Bypass via Unrecognized Script Runners",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-32978",
    "datePublished": "2026-03-29T12:44:27.571Z",
    "dateReserved": "2026-03-17T11:31:33.584Z",
    "dateUpdated": "2026-03-30T14:31:21.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-16621

CVE-2026-32978 (GCVE-0-2026-32978)

Tags

Sightings

Nomenclature