CVE-2026-32064
OpenClaw's sandbox browser noVNC observer lacked VNC authentication
Description
The sandbox browser entrypoint launched `x11vnc` without authentication (`-nopw`) for noVNC observer sessions. The OpenClaw-managed runtime flow publishes the noVNC port to host loopback only (`127.0.0.1`), so default exposure is local to the host unless operators explicitly expose the port more broadly (or run the image standalone with broad port publishing).

## Affected Packages / Versions

- Package: `docker/openclaw`
- Affected: `<= 2026.2.19-2`
- Patched: `>= 2026.2.21`

## Technical details

- `scripts/sandbox-browser-entrypoint.sh` used `x11vnc ... -nopw` for the noVNC observer flow.
- `websockify` exposed noVNC for the container listener.
- The OpenClaw runtime (`src/agents/sandbox/browser.ts`) already mapped the host publish to loopback, but observer auth was missing.

## Fix

- Require VNC password auth in the sandbox browser entrypoint (`x11vnc -rfbauth`), replacing `-nopw`.
- Generate a per-container noVNC password in the runtime and inject it as `OPENCLAW_BROWSER_NOVNC_PASSWORD`.
- Emit short-lived noVNC observer token URLs instead of sharing raw noVNC passwords in shared URLs.
- Keep the loopback-only host port publish and bump the sandbox browser security hash epoch.
- Add security audit findings for sandbox browser containers that publish ports on non-loopback interfaces.

Operational note: rebuild the sandbox browser image and recreate browser containers so existing containers pick up the fix.

## Fix Commit(s)

- `621d8e1312482f122f18c43c72c67211b141da01`
- `8c1518f0f3e0533593cd2dec3a46c9b746753661`

## Release Process Note

The patched version is pre-set to the planned next release (`2026.2.21`). After the npm release, this advisory can be published without further field edits.

OpenClaw thanks @TerminalsandCoffee for reporting.
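The two defender-side checks implied by the fix list above, as an added example that is not OpenClaw's code: a fail-closed builder for the `x11vnc` observer command line (never degrading to `-nopw` when no password was injected) and an audit over `docker inspect` output that flags sandbox browser containers publishing ports on a non-loopback host interface. The env var name is the one the advisory gives; the function names, the `-display :99` / port 5900 values, the password-file path and the sample inspect records are assumptions constructed for this example.

```python
"""Added example (not OpenClaw's code) for the CVE-2026-32064 fix:
1. build_x11vnc_argv(): require -rfbauth and fail closed without a password.
2. audit_port_bindings(): flag published ports bound to non-loopback host IPs.
"""
import ipaddress
import json

NOVNC_PASSWORD_ENV = "OPENCLAW_BROWSER_NOVNC_PASSWORD"  # name from the advisory
VNC_PASSWD_FILE = "/run/openclaw/vncpasswd"            # assumed path


def build_x11vnc_argv(env: dict, passwd_file: str = VNC_PASSWD_FILE) -> list:
    """Return the x11vnc argument list for the observer session.

    Fails closed: a missing or empty password stops the container instead of
    silently degrading to `-nopw` (the pre-fix behaviour). The password is
    written to passwd_file by `x11vnc -storepasswd` in the entrypoint; only
    the file path appears on the command line. Display/port values assumed.
    """
    password = env.get(NOVNC_PASSWORD_ENV, "")
    if not password:
        raise RuntimeError(
            f"{NOVNC_PASSWORD_ENV} is not set; refusing to start x11vnc without auth")
    return ["x11vnc", "-display", ":99", "-forever", "-shared",
            "-localhost", "-rfbport", "5900", "-rfbauth", passwd_file]


def _host_ip_is_loopback(host_ip: str) -> bool:
    """Docker semantics: an empty HostIp, '0.0.0.0' or '::' mean all interfaces."""
    if host_ip in ("", "0.0.0.0", "::"):
        return False
    try:
        return ipaddress.ip_address(host_ip).is_loopback
    except ValueError:
        return False  # unparseable value: treat as exposed, never as safe


def audit_port_bindings(inspect_output: str) -> list:
    """Return one finding per published port bound to a non-loopback host IP.

    inspect_output is the JSON text of `docker inspect <container...>` (a list
    of container objects). Bindings are read from HostConfig.PortBindings,
    shaped like {"6080/tcp": [{"HostIp": "127.0.0.1", "HostPort": "6080"}]}.
    """
    findings = []
    for container in json.loads(inspect_output):
        name = container.get("Name", "").lstrip("/")
        bindings = (container.get("HostConfig") or {}).get("PortBindings") or {}
        for container_port, hosts in bindings.items():
            for host in hosts or []:
                host_ip = host.get("HostIp", "")
                if _host_ip_is_loopback(host_ip):
                    continue
                findings.append({
                    "container": name,
                    "container_port": container_port,
                    "host_ip": host_ip or "all interfaces",
                    "host_port": host.get("HostPort", ""),
                    "message": (f"{container_port} published on "
                                f"{host_ip or 'all interfaces'}; noVNC observer "
                                "reachable beyond the host"),
                })
    return findings


# Constructed sample: one loopback-only container and one exposed container.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/openclaw-sandbox-browser-ok",
     "HostConfig": {"PortBindings": {
         "6080/tcp": [{"HostIp": "127.0.0.1", "HostPort": "6080"}]}}},
    {"Name": "/openclaw-sandbox-browser-exposed",
     "HostConfig": {"PortBindings": {
         "6080/tcp": [{"HostIp": "", "HostPort": "6080"}],
         "5900/tcp": [{"HostIp": "::1", "HostPort": "5900"}]}}},
])

if __name__ == "__main__":
    print(" ".join(build_x11vnc_argv({NOVNC_PASSWORD_ENV: "example-only"})))
    for finding in audit_port_bindings(SAMPLE_INSPECT):
        print(f"[finding] {finding['container']}: {finding['message']}")
```

Run it against real hosts with `docker inspect $(docker ps -q) | python3 audit.py` after swapping `SAMPLE_INSPECT` for `sys.stdin.read()`; the IPv6 `::1` binding in the sample shows why the check uses `ipaddress.is_loopback` rather than a string compare against `127.0.0.1`.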
How to fix CVE-2026-32064
To remediate CVE-2026-32064, upgrade the affected package to a fixed version below.
- `docker/openclaw`: upgrade to 2026.2.21 or later
Is CVE-2026-32064 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.