CVE-2026-32014
Received Received - Intake
Metadata Spoofing in OpenClaw Enables Command Policy Bypass

Publication date: 2026-03-19

Last updated on: 2026-03-23

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect metadata to bypass platform-based node command policies and gain access to restricted commands.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-19
Last Modified
2026-03-23
Generated
2026-06-16
AI Q&A
2026-03-20
EPSS Evaluated
2026-06-14
NVD
CVE-2026-32014
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.26 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-290 This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in OpenClaw versions prior to 2026.2.26 and involves metadata spoofing. Specifically, the reconnect platform and deviceFamily fields are accepted from the client without being included in the device-auth signature. This means an attacker who already has a paired node identity on the trusted network can spoof these metadata fields.

By spoofing this reconnect metadata, the attacker can bypass platform-based node command policies and gain access to commands that should be restricted.

Impact Analysis

The impact of this vulnerability is significant because it allows an attacker with limited privileges (a paired node identity) to escalate their access by spoofing metadata fields. This can lead to unauthorized execution of restricted commands on the device or platform.

Such unauthorized access can compromise the confidentiality, integrity, and availability of the affected system, potentially leading to data breaches, system manipulation, or denial of service.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32014. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart