What is the CVSS score of CVE-2026-32051?

CVE-2026-32051 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of OpenClaw are affected by CVE-2026-32051?

OpenClaw versions before 2026.3.1 contain a privilege escalation vulnerability allowing authenticated operators to perform owner-only administrative functions, including gateway and cron management,…. A patch is available.

Is there a public PoC exploit available for CVE-2026-32051?

Yes, a public proof-of-concept exploit is available for CVE-2026-32051. Prioritise patching immediately. EPSS: 0.1%.

OpenClaw CVE-2026-32051

EUVD-2026-13949 HIGH

Incorrect Authorization (CWE-863)

2026-03-21 VulnCheck

GHSA-x2pq-6fc2-wh58

Authentication Bypass

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 06:18 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

2026.3.1

PoC Detected

Mar 23, 2026 - 17:08 vuln.today

Public exploit code

EUVD ID Assigned

Mar 21, 2026 - 01:00 euvd

EUVD-2026-13949

Analysis Generated

Mar 21, 2026 - 01:00 vuln.today

CVE Published

Mar 21, 2026 - 00:42 nvd

HIGH 8.8

DescriptionNVD

OpenClaw versions prior to 2026.3.1 contain an authorization mismatch vulnerability that allows authenticated callers with operator.write scope to invoke owner-only tool surfaces including gateway and cron through agent runs in scoped-token deployments. Attackers with write-scope access can perform control-plane actions beyond their intended authorization level by exploiting inconsistent owner-only gating during agent execution.

AnalysisAI

An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.write scope to escalate privileges and execute owner-only administrative functions including gateway and cron management through agent runs in scoped-token deployments. This is a privilege escalation issue affecting deployments using scoped authentication tokens, where write-level access can be exploited to perform control-plane operations reserved for owners. …

RemediationAI

Within 24 hours: Inventory all OpenClaw deployments and identify instances running versions prior to 2026.3.1, particularly those using scoped-token authentication. Within 7 days: Apply vendor patch to upgrade all affected instances to OpenClaw 2026.3.1 or later; verify scoped-token configurations post-upgrade. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-32051 vulnerability details – vuln.today

Back

OpenClaw CVE-2026-32051

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code