PT-2026-26740 · Openclaw · Openclaw

Tdjackey · Published 2026-03-02 · Updated 2026-03-21 · CVE-2026-32058

CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
OpenClaw versions prior to 2026.2.26

Description
OpenClaw contains an approval context-binding weakness in system.run execution flows with host=node: a previously approved request can be reused with modified environment variables. An attacker with access to an approval id can reuse that approval with changed environment input, bypassing execution-integrity controls in approval-enabled workflows. The issue is exploitable only when the host parameter is set to node.

Recommendations
Update OpenClaw to version 2026.2.26 or later.
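
Added example, not taken from the advisory or from OpenClaw's code: one way to bind an approval to the execution context it was granted for, so that an approval id presented with changed environment input is rejected. ApprovalStore, contextDigest and the request fields (host, command, cwd, env) are hypothetical names, and single-use consumption of an approval is an assumption.

```javascript
const crypto = require("node:crypto");

// Digest of everything the approver saw. Env keys are sorted so that key
// order cannot change the result; values are compared as strings.
function contextDigest({ host, command, cwd, env = {} }) {
  const canonical = JSON.stringify({
    host, command, cwd,
    env: Object.keys(env).sort().map((k) => [k, String(env[k])]),
  });
  return crypto.createHash("sha256").update(canonical).digest();
}

// Hypothetical in-memory approval store (not OpenClaw's implementation).
class ApprovalStore {
  constructor() {
    this.approvals = new Map();
  }

  // Store the digest of the approved request under a fresh approval id.
  approve(request) {
    const id = crypto.randomUUID();
    this.approvals.set(id, contextDigest(request));
    return id;
  }

  // Allow execution only if the request matches what was approved.
  // Assumption: an approval is single-use and is consumed on success.
  authorize(id, request) {
    const approved = this.approvals.get(id);
    if (!approved) return { ok: false, reason: "unknown-or-used-approval" };
    if (!crypto.timingSafeEqual(approved, contextDigest(request))) {
      return { ok: false, reason: "context-mismatch" };
    }
    this.approvals.delete(id);
    return { ok: true, reason: "approved" };
  }
}

// Constructed sample requests.
function demo() {
  const store = new ApprovalStore();
  const base = { host: "node", command: ["npm", "test"], cwd: "/srv/app" };
  const id = store.approve({ ...base, env: { CI: "1", LOG_LEVEL: "info" } });
  return {
    changedEnv: store.authorize(id, { ...base, env: { CI: "1", LOG_LEVEL: "debug" } }),
    sameRequest: store.authorize(id, { ...base, env: { LOG_LEVEL: "info", CI: "1" } }),
    replay: store.authorize(id, { ...base, env: { CI: "1", LOG_LEVEL: "info" } }),
  };
}
```

The check belongs on the side that executes the command, so the digest is recomputed from the request actually about to run rather than trusted from the caller.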

Fix

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-32058
GHSA-CJQ8-M7WJ-XMQ9
GHSA-HJVP-QHM6-WRH2

Affected Products

Openclaw