CVE-2026-32973 - OpenClaw - Command Injection

Overview

OpenClaw < 2026.3.11 contains a command injection caused by improper normalization of exec allowlist patterns with lowercasing and glob matching, letting attackers execute unintended commands or paths, exploit requires crafted input with ? wildcard.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary commands or paths not intended by operators, potentially leading to full system compromise.

Mitigation

Update to version 2026.3.11 or later.

References

Social Media Activity(6 posts)

TheHackerWire

@thehackerwire

Mar 29, 2026

🔴 CVE-2026-32973 - Critical (9.8) OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard mat... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32973/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 29, 2026

🔴 CVE-2026-32973 - Critical (9.8) OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard mat... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32973/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 29, 2026

🔴 CVE-2026-32973 - Critical (9.8) OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard mat... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32973/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 29, 2026

🔴 CVE-2026-32973 - Critical (9.8) OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard mat... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32973/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 29, 2026

🔴 CVE-2026-32973 - Critical (9.8) OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard mat... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32973/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 29, 2026

🔴 CVE-2026-32973 - Critical (9.8) OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard mat... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32973/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

CVE-2026-32973 - Vulnerability Analysis

Overview

Severity & Score

Impact

Mitigation

References

Social Media Activity(6 posts)

Related Resources

Details

CWE

CVSS Metrics

EPSS Score