CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
Description
OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandboxed subagents to access parent or sibling session state. Attackers can supply arbitrary sessionKey values to read or modify session data outside their sandbox scope, including persisted model overrides.
Analysis
Session sandbox escape in OpenClaw versions prior to 2026.3.11 allows local authenticated attackers with low-privilege sandboxed subagent access to read and modify session data across isolation boundaries by manipulating sessionKey parameters in the session_status tool. Exploitation enables unauthorized access to parent or sibling session state including persisted model overrides, bypassing critical security isolation controls. …
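The flaw class that the description and analysis outline, shown as an added illustration in TypeScript rather than OpenClaw's own code: the `sessions` registry, the `Caller` shape and every function name below are hypothetical stand-ins for the real `session_status` tool, and the hardened form assumes the tool derives the effective session key from the caller's identity on the server side instead of trusting a caller-supplied `sessionKey`. The unchecked lookup is kept beside the scoped one so the difference a reviewer should look for is visible.

```typescript
// Added illustration of caller-supplied session keys crossing sandbox scope.
// Not OpenClaw's code: the registry, the Caller shape and the function names
// are hypothetical stand-ins for the real session_status tool.

type SessionKey = string;

interface SessionState {
  parent?: SessionKey;      // owning session, if this is a subagent session
  modelOverride?: string;   // persisted model override, one of the fields the advisory names
}

interface Caller {
  sessionKey: SessionKey;   // the session the caller actually runs in
  sandboxed: boolean;       // true for sandboxed subagents
}

// Constructed sample data: one parent session and two sibling subagents.
const sessions = new Map<SessionKey, SessionState>([
  ["agent:main", { modelOverride: "model-a" }],
  ["agent:main:sub:1", { parent: "agent:main" }],
  ["agent:main:sub:2", { parent: "agent:main" }],
]);

// Vulnerable pattern: the caller-supplied sessionKey is used directly as the
// lookup key with no check that it lies inside the caller's sandbox scope, so
// a subagent can address its parent or a sibling.
function sessionStatusUnchecked(
  _caller: Caller,
  requested: SessionKey,
): SessionState | undefined {
  return sessions.get(requested);
}

// Hardened pattern: resolve the effective key from the caller's identity.
// A sandboxed caller may only address its own session; any other explicit
// sessionKey is rejected rather than silently redirected, so the attempt is
// visible to audit logging instead of being hidden.
function resolveScopedSessionKey(
  caller: Caller,
  requested?: SessionKey,
): SessionKey {
  if (!caller.sandboxed) {
    return requested ?? caller.sessionKey;
  }
  if (requested !== undefined && requested !== caller.sessionKey) {
    throw new Error(
      `sessionKey "${requested}" is outside the sandbox scope of "${caller.sessionKey}"`,
    );
  }
  return caller.sessionKey;
}

function sessionStatusScoped(
  caller: Caller,
  requested?: SessionKey,
): SessionState | undefined {
  return sessions.get(resolveScopedSessionKey(caller, requested));
}

// Writes go through the same resolver, so a sandboxed subagent cannot persist
// a model override into a parent or sibling session.
function setModelOverrideScoped(
  caller: Caller,
  model: string,
  requested?: SessionKey,
): void {
  const key = resolveScopedSessionKey(caller, requested);
  const state = sessions.get(key);
  if (state === undefined) {
    throw new Error(`unknown session "${key}"`);
  }
  state.modelOverride = model;
}

// Audit helper: would a call with this sessionKey escape the caller's scope?
function escapesScope(caller: Caller, requested?: SessionKey): boolean {
  try {
    resolveScopedSessionKey(caller, requested);
    return false;
  } catch {
    return true;
  }
}
```

The design point is that the scope decision happens once, in `resolveScopedSessionKey`, and both the read path and the write path use it; a fix that only guards reads would still leave the persisted model override writable across sessions. Rejecting with an error rather than quietly substituting the caller's own key keeps each out-of-scope attempt observable in logs.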
Remediation
Within 24 hours: Identify all systems running OpenClaw versions prior to 2026.3.11 and document current deployment scope. Within 7 days: Contact vendor for patch timeline and interim compensating control guidance; restrict low-privilege sandboxed subagent access to trusted environments only; implement network-level session isolation if possible. …
Priority Score
External POC / Exploit Code
EUVD-2026-16999
GHSA-wcxr-59v9-rxr8