CVE-2026-32979
OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity
Description
## Summary In affected versions of `openclaw`, node-host `system.run` approvals could still execute rewritten local code for interpreter and runtime commands when OpenClaw could not bind exactly one concrete local file operand during approval planning. ## Impact Deployments using node-host `system.run` approval mode could approve a benign local script and then execute different local code if that script changed before execution. This can lead to unintended local code execution as the OpenClaw runtime user. ## Affected Packages and Versions - Package: `openclaw` (npm) - Affected versions: `<= 2026.3.8` - Fixed in: `2026.3.11` ## Technical Details The approval flow treated some interpreter and runtime forms as approval-backed even when it could not honestly bind a single direct local script file. That left residual approval-integrity gaps for runtime forms outside the directly bound file set. ## Fix OpenClaw now fails closed for approval-backed interpreter and runtime commands unless it can bind exactly one concrete local file operand, and it extends best-effort direct-file binding for additional runtime forms. The fix shipped in `[email protected]`. ## Workarounds Upgrade to `2026.3.11` or later.
How to fix CVE-2026-32979
To remediate CVE-2026-32979, upgrade the affected package to a fixed version below.
- —upgrade to 2026.3.11 or later
Is CVE-2026-32979 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2026.3.11