CVE-2026-32022
Modified Modified - Updated After Analysis
Stdin Policy Bypass in OpenClaw grep Allows Arbitrary File Read

Publication date: 2026-03-19

Last updated on: 2026-05-26

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.21 contain a stdin-only policy bypass vulnerability in the grep tool within tools.exec.safeBins that allows attackers to read arbitrary files by supplying a pattern via the -e flag parameter. Attackers can include a positional filename operand to bypass file access restrictions and read sensitive files.env from the working directory.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-19
Last Modified
2026-05-26
Generated
2026-06-16
AI Q&A
2026-03-20
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32022
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.21 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-184 The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in OpenClaw versions prior to 2026.2.21 and involves a stdin-only policy bypass in the grep tool within tools.exec.safeBins.

Attackers can exploit this by supplying a pattern via the -e flag parameter and including a positional filename operand, which allows them to bypass file access restrictions.

As a result, attackers can read arbitrary and sensitive files, such as the .env file from the working directory.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information by allowing attackers to read arbitrary files that should be protected.

Since attackers can access files like .env, which often contain environment variables and secrets, this could compromise application security and confidentiality.

The CVSS v3.1 score of 5.3 indicates a moderate severity, with high confidentiality impact but no impact on integrity or availability.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32022. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart