CVSS 8.8 · HIGH

CVE-2026-42434

OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths.

View in NVD

Analysis

OpenClaw is a niche agent orchestration tool, and while this sandbox escape allows remote code execution on nodes, the product is not widely adopted enough in the general developer community to warrant an alert. The impact is localized to specific users of this specialized platform.

Severity

Score: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness type (CWE): CWE-863

EPSS

Probability of exploitation (next 30 days): 0.0005 (0.1%)
Percentile: 15.5%
EPSS score date: 2026-05-06


Published: 5/5/2026, 12:16:17
Last modified: 5/5/2026, 19:47:31
