CVE-2026-32063
OpenClaw 2026.2.19-2 < 2026.2.21 - Command Injection via Newline in systemd Unit Generation
| CVSS Score | 7.1 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command injection vulnerability in systemd unit file generation where attacker-controlled environment values are not validated for CR/LF characters, allowing newline injection to break out of Environment= lines and inject arbitrary systemd directives. An attacker who can influence config.env.vars and trigger service install or restart can execute arbitrary commands with the privileges of the OpenClaw gateway service user.
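The flaw described above, as an added example that is not OpenClaw's own code: a naive systemd unit renderer in which a CR/LF inside an env value ends the Environment= line and starts a new directive, beside a hardened renderer that rejects such values before they reach the unit file. Function names, the sample ExecStart path and the constructed env values are assumptions; ExecStart is treated as trusted installer input, only the env vars are treated as attacker-influenced.

```typescript
// Added example (not OpenClaw's code): naive vs hardened rendering of
// the [Service] section. Names and sample values are assumptions.
type EnvVars = Record<string, string>;

const CRLF_OR_NUL = /[\r\n\0]/;
const ENV_KEY = /^[A-Za-z_][A-Za-z0-9_]*$/;

// Naive renderer: writes each value verbatim. A value holding "\n"
// terminates the Environment= line early, and systemd parses the
// remainder as a separate directive of the [Service] section.
function renderUnitNaive(execStart: string, vars: EnvVars): string {
  const lines = ["[Service]", `ExecStart=${execStart}`];
  for (const [k, v] of Object.entries(vars)) {
    lines.push(`Environment=${k}=${v}`);
  }
  return lines.join("\n") + "\n";
}

// Defender-side check: keys whose name is not a valid env identifier
// or whose value carries CR, LF or NUL. Usable on its own to audit a
// config before a service install or restart.
function findUnsafeEnvVars(vars: EnvVars): string[] {
  return Object.entries(vars)
    .filter(([k, v]) => !ENV_KEY.test(k) || CRLF_OR_NUL.test(v))
    .map(([k]) => k);
}

// Hardened renderer: refuse unsafe entries up front, then emit values
// double-quoted with backslash escapes so spaces and quotes cannot
// change how systemd tokenises the line.
function renderUnitSafe(execStart: string, vars: EnvVars): string {
  const bad = findUnsafeEnvVars(vars);
  if (bad.length > 0) {
    throw new Error(`unsafe env vars: ${bad.join(", ")}`);
  }
  const lines = ["[Service]", `ExecStart=${execStart}`];
  for (const [k, v] of Object.entries(vars)) {
    const quoted = '"' + v.replace(/\\/g, "\\\\").replace(/"/g, '\\"') + '"';
    lines.push(`Environment=${k}=${quoted}`);
  }
  return lines.join("\n") + "\n";
}

// Count "Key=..." directives in a rendered unit. For N env vars the
// expected count is N + 1; anything higher means a line was split.
function countDirectives(unit: string): number {
  return unit.split("\n").filter((l) => /^[A-Za-z]+=/.test(l)).length;
}
```

Running `findUnsafeEnvVars` over the configured vars before any install or restart is the cheap detection; the quoting in `renderUnitSafe` is a second layer, not a substitute for the CR/LF rejection.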
| CWE | CWE-77 |
| Vendor | openclaw |
| Product | openclaw |
| Published | Mar 11, 2026 |
| Last Updated | Mar 11, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity | High |
| Availability | High |
Affected Versions
openclaw / openclaw
2026.2.19-2 < 2026.2.21
References
github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-vffc-f7r7-rx2w
github.com: https://github.com/openclaw/openclaw/commit/61f646c41fb43cd87ed48f9125b4718a30d38e84
vulncheck.com: https://www.vulncheck.com/advisories/openclaw-command-injection-via-newline-in-systemd-unit-generation
Credits
@tdjackey