CVE-2026-32917 | OpenClaw up to 2026.3.12 Attachments os command injection (GHSA-g2f6-pwvx-r275)

A vulnerability was found in OpenClaw up to 2026.3.12. It has been classified as critical. Impacted is an unknown function of the component Attachments Handler. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2026-32917. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More