CVE-2026-28479
SHA-1 Collision Enables Cache Poisoning in OpenClaw Sandbox
Publication date: 2026-03-05
Last updated on: 2026-03-17
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | to 2026.2.15 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects OpenClaw versions prior to 2026.2.15, where SHA-1 is used to hash sandbox identifier cache keys for Docker and browser sandbox configurations.
SHA-1 is a deprecated hashing algorithm that is vulnerable to collision attacks, meaning an attacker can create two different inputs that produce the same hash output.
An attacker can exploit these SHA-1 collisions to poison the cache, causing one sandbox configuration to be mistaken for another, which can lead to unsafe reuse of sandbox states.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker can cause cache poisoning by exploiting SHA-1 collisions.
This can result in one sandbox configuration being misinterpreted as another, potentially allowing unsafe sandbox state reuse.
Such unsafe reuse could lead to security risks, including unauthorized access or execution within sandboxed environments.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know