CVE-2026-32918
Session Sandbox Escape in OpenClaw session_status Tool Allows Data Access
Publication date: 2026-03-29
Last updated on: 2026-03-31
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | before 2026.3.11 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized access and modification of session data beyond the intended sandbox scope, compromising confidentiality and integrity of sensitive information.
Such unauthorized access to session data could lead to violations of data protection regulations like GDPR and HIPAA, which mandate strict controls over access to personal and sensitive information.
Therefore, exploitation of this vulnerability may result in non-compliance with these common standards and regulations due to the potential exposure and unauthorized modification of protected data.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should update OpenClaw to version 2026.3.11 or later, where the issue has been fixed by enforcing proper session visibility checks in the session_status tool.
Can you explain this vulnerability to me?
CVE-2026-32918 is a session sandbox escape vulnerability in OpenClaw versions before 2026.3.11, specifically in the session_status tool.
The vulnerability allows sandboxed subagents to bypass their restricted environment by supplying arbitrary sessionKey values, enabling them to access or modify session data outside their sandbox scope.
This includes reading or changing parent or sibling session state and persisted model overrides.
The root cause is incorrect authorization checks (CWE-863), where the product performs authorization but does not properly enforce it, allowing unauthorized access.
The issue was fixed in OpenClaw version 2026.3.11 by enforcing session visibility checks before any read or mutation of session state.
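The authorization gap described above, shown as an added example with a hypothetical in-memory session registry (this is not OpenClaw's code; the Session class, the parent/child visibility rule and the two session_status variants are assumptions constructed for illustration):

```python
from typing import Dict, Optional

class Session:
    """Hypothetical session record (constructed for this example)."""
    def __init__(self, key: str, parent: Optional[str]):
        self.key, self.parent, self.model_override = key, parent, None

# In-memory registry: sessionKey -> Session. Constructed tree: main spawns sub-a and sub-b.
def build_demo_store() -> Dict[str, Session]:
    return {k: Session(k, p) for k, p in (("main", None), ("sub-a", "main"), ("sub-b", "main"))}

def is_visible(store, caller_key, target_key):
    # Assumed visibility rule: a session may see itself and any session it
    # (transitively) spawned; its parent and siblings are outside its sandbox scope.
    node = store.get(target_key)
    while node is not None:
        if node.key == caller_key:
            return True
        node = store.get(node.parent) if node.parent else None
    return False

def session_status_vulnerable(store, caller_key, session_key, model=None):
    # Pre-fix pattern: the supplied sessionKey is trusted as-is, so any session
    # in the registry can be read or mutated regardless of who is calling.
    s = store[session_key]
    if model is not None:
        s.model_override = model  # persisted model override
    return {"key": s.key, "model": s.model_override}

def session_status_fixed(store, caller_key, session_key, model=None):
    # Post-fix pattern: enforce visibility before any read or mutation.
    if not is_visible(store, caller_key, session_key):
        raise PermissionError(f"{caller_key} may not access {session_key}")
    return session_status_vulnerable(store, caller_key, session_key, model)

def run_scenario():
    # Constructed scenario: sandboxed subagent sub-a targets its parent and sibling.
    store, results = build_demo_store(), {}
    results["vuln_parent_model"] = session_status_vulnerable(store, "sub-a", "main", model="override-x")["model"]
    for target in ("main", "sub-b", "sub-a"):
        try:
            results[target] = session_status_fixed(store, "sub-a", target)["key"]
        except PermissionError:
            results[target] = "denied"
    return results

if __name__ == "__main__":
    print(run_scenario())
```

The vulnerable variant lets the subagent persist a model override on its parent session; the fixed variant refuses parent and sibling keys while still serving the subagent's own session.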
How can this vulnerability impact me?
This vulnerability can have a significant impact by allowing a low-privilege local attacker to gain unauthorized access to session data beyond their sandbox.
The attacker can read sensitive session information and modify session state, including persisted model overrides.
This compromises the confidentiality and integrity of session data, potentially leading to unauthorized data disclosure or manipulation.
However, the vulnerability does not affect system availability.