What is the CVSS score of CVE-2026-27002?

CVE-2026-27002 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Docker are affected by CVE-2026-27002?

CVE-2026-27002 is a critical vulnerability in OpenClaw AI assistant that could allow attackers to escape containerized environments and access sensitive host data.. A patch is available.

Docker CVE-2026-27002

CRITICAL

Execution with Unnecessary Privileges (CWE-250)

2026-02-20 security-advisories@github.com

GHSA-w235-x559-36mg

Docker DNS .NET AI / ML Openclaw

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:04 vuln.today

Patch released

Feb 20, 2026 - 18:11 nvd

Patch available

CVE Published

Feb 20, 2026 - 00:16 nvd

CRITICAL 9.8

DescriptionNVD

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 blocks dangerous sandbox Docker settings and includes runtime enforcement when building docker create args; config-schema validation for network=host, seccompProfile=unconfined, apparmorProfile=unconfined; and security audit findings to surface dangerous sandbox docker config. As a workaround, do not configure agents.*.sandbox.docker.binds to mount system directories or Docker socket paths, keep agents.*.sandbox.docker.network at none (default) or bridge, and do not use unconfined for seccomp/AppArmor profiles.

AnalysisAI

Configuration injection in OpenClaw Docker sandbox before 2026.2.15 allows escaping sandbox restrictions. Patch available.

RemediationAI

Within 24 hours: Identify all systems running OpenClaw and assess exposure scope; disable OpenClaw's Docker tool sandbox if business operations permit. Within 7 days: Deploy patch to version 2026.2.15 or later across all affected instances; validate patch application in pre-production first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-27002 vulnerability details – vuln.today

Back

Docker CVE-2026-27002

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code