Executive Summary

CVE-2026-32920 is a vulnerability in OpenClaw versions before 2026.3.12 where the software automatically discovers and loads workspace plugins from the .OpenClaw/extensions/ directory without verifying if they are trusted.

This means that if an attacker includes a specially crafted malicious plugin in a cloned repository, the malicious code will execute automatically when a user runs OpenClaw from that directory.

The flaw allows arbitrary code execution under the user's account simply by opening or running OpenClaw in an untrusted repository, due to the lack of explicit trust verification before loading plugins.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to arbitrary code execution on your system with the privileges of the user running OpenClaw.

An attacker can exploit this by placing malicious plugins in a cloned repository, which will execute automatically when you run OpenClaw from that directory.

The impact includes potential compromise of confidentiality, integrity, and availability of your system and data, as the attacker can execute any code they choose.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves OpenClaw automatically loading plugins from the .OpenClaw/extensions/ directory without explicit trust verification. Detection would involve checking for the presence of untrusted or suspicious plugins in this directory within cloned repositories.

You can inspect the .OpenClaw/extensions/ directory in your workspace repositories to identify any unexpected or malicious plugins.

• Use commands like `ls -la .OpenClaw/extensions/` in your project directories to list loaded plugins.
• Check for recently added or modified files in the .OpenClaw/extensions/ directory using `find .OpenClaw/extensions/ -type f -exec ls -l {} +`.
• Audit your repositories for any cloned directories containing the .OpenClaw/extensions/ folder with suspicious content.

Since the vulnerability triggers when running OpenClaw from a directory containing malicious plugins, monitoring execution of OpenClaw in untrusted directories may also help detect exploitation attempts.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to update OpenClaw to version 2026.3.12 or later, which requires explicit trust verification before loading workspace plugins.

Until you can update, avoid running OpenClaw from untrusted or cloned repositories that may contain malicious plugins in the .OpenClaw/extensions/ directory.

• Upgrade OpenClaw to version 2026.3.12 or newer.
• Do not run OpenClaw in directories containing untrusted or unknown workspace plugins.
• Manually inspect and remove any suspicious plugins from the .OpenClaw/extensions/ directories in your workspaces.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows arbitrary code execution by loading untrusted plugins automatically, which can lead to unauthorized access, modification, or disruption of data and system operations.

Such unauthorized code execution and potential data compromise could negatively impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

Specifically, the high severity and the ability for attackers to execute code without user interaction or privileges increase the risk of data breaches or system misuse, which are critical concerns under these regulations.

Therefore, organizations using affected OpenClaw versions prior to 2026.3.12 should update promptly to mitigate risks that could lead to non-compliance.

Useful 0 Not Useful 0