Rafael M

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.2.21 **Description** The software contains an improper sandbox configuration that could allow attackers to execute arbitrary code. This is achieved by exploiting renderer-side issues without needing to escape the sandbox. The OS-level sandbox protections within the Chromium browser container are disabled, enabling code execution on the host system. **Recommendations** Update OpenClaw to version 2026.2.21 or later.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.2.21 **Description** The OpenClaw sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, granting unauthenticated access to the VNC interface. Attackers on the host loopback interface can connect to the exposed noVNC port and observe or interact with the sandbox browser without credentials. The issue affects versions prior to 2026.2.21. **Recommendations** Update OpenClaw to version 2026.2.21 or later.