CVE-2026-32000
Received Received - Intake
Command Injection in OpenClaw Lobster Extension Enables Remote Code Execution

Publication date: 2026-03-19

Last updated on: 2026-03-25

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension tool execution that uses Windows shell fallback with shell: true after spawn failures. Attackers can inject shell metacharacters in command arguments to execute arbitrary commands when subprocess launch fails with EINVAL or ENOENT errors.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-19
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-03-19
EPSS Evaluated
2026-06-14
NVD
CVE-2026-32000
EUVD
EUVD-2026-13039
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.19 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

I don't know

Mitigation Strategies

To mitigate the vulnerability CVE-2026-32000, you should upgrade OpenClaw to version 2026.2.19 or later, where the vulnerable shell fallback mechanism has been removed.

The fix replaces the insecure Windows shell fallback execution with an explicit argument vector (argv) execution approach that prevents command injection.

Ensure that your environment does not rely on the vulnerable versions of the Lobster extension tool and verify that the updated version is deployed.

Executive Summary

CVE-2026-32000 is a command injection vulnerability in OpenClaw versions prior to 2026.2.19, specifically in the Lobster extension tool on Windows. When the tool tries to launch subprocesses and encounters spawn failures with errors EINVAL or ENOENT, it falls back to using Windows shell execution with the option `shell: true`. This fallback allows attackers to inject shell metacharacters into command arguments, which the shell then interprets, enabling arbitrary command execution.

The root cause is improper neutralization of special shell elements (CWE-78), allowing externally influenced input to modify operating system commands executed downstream. The vulnerability was fixed by removing the shell fallback mechanism and instead resolving Windows wrappers to explicit executable or script argument vectors, preventing shell interpretation of command arguments.

Impact Analysis

This vulnerability can allow an attacker with limited privileges to execute arbitrary commands on a Windows system running vulnerable versions of OpenClaw. Because the fallback to shell execution interprets shell metacharacters, an attacker could inject malicious commands that the system would execute, potentially leading to unauthorized actions, system compromise, or disruption of service.

The severity is rated as moderate with a CVSS v4 base score of 5.8, indicating a significant risk especially in environments where the Lobster tool is used and subprocess spawn failures occur.

Compliance Impact

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32000. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart