What is the CVSS score of EUVD-2026-13962?

EUVD-2026-13962 has a CVSS 3.1 base score of 2.6 (Low). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N. EPSS exploitation probability: 0.0%.

Which versions of Openclaw are affected by EUVD-2026-13962?

CVE-2026-32058 is a low-severity vulnerability (CVSS 2.6). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation.. A patch is available.

Is there a public PoC exploit available for EUVD-2026-13962?

Yes, a public proof-of-concept exploit is available for EUVD-2026-13962. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate EUVD-2026-13962?

During next maintenance window: Apply vendor patches when convenient. Vendor patch is available.

Openclaw EUVD-2026-13962

| CVE-2026-32058 LOW

Incorrect Authorization (CWE-863)

2026-03-21 VulnCheck

Authentication Bypass Openclaw

2.6

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

2.6 LOW

AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Lifecycle Timeline

PoC Detected

Mar 24, 2026 - 21:10 vuln.today

Public exploit code

EUVD ID Assigned

Mar 21, 2026 - 01:00 euvd

EUVD-2026-13962

Analysis Generated

Mar 21, 2026 - 01:00 vuln.today

Patch released

Mar 21, 2026 - 01:00 nvd

Patch available

CVE Published

Mar 21, 2026 - 00:42 nvd

LOW 2.6

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

2 npm packages depend on openclaw (2 direct, 0 indirect)

Ecosystem-wide dependent count for version 2026.2.26.

DescriptionCVE.org

OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness in system.run execution flows with host=node that allows reuse of previously approved requests with modified environment variables. Attackers with access to an approval id can exploit this by reusing an approval with changed env input, bypassing execution-integrity controls in approval-enabled workflows.

AnalysisAI

OpenClaw versions prior to 2026.2.26 contain an approval context-binding weakness that allows attackers to reuse previously approved system.run execution requests with modified environment variables, bypassing approval-enabled workflow integrity controls. An attacker with access to an approval ID can exploit this vulnerability to execute commands with different environment settings than originally approved, effectively circumventing execution-integrity safeguards. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	The CVSS v3.1 score of 2.6 reflects several mitigating factors: Network attack vector (AV:N) is somewhat offset by high attack complexity (AC:H), requirement for local privileges (PR:L), and user interaction (UI:R). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An insider with access to OpenClaw approvals (PR:L requirement) identifies a previously approved deployment request with a specific set of environment variables. The attacker obtains the approval ID and, before execution occurs, modifies the environment variables in the request (e.g., changing a database connection string or API endpoint) while keeping the same approval ID. …
Remediation	Upgrade OpenClaw to version 2026.2.26 or later to apply the patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

During next maintenance window: Apply vendor patches when convenient. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-53836 HIGH This Week

8.7 Jun 12

Remote code execution in OpenClaw before 2026.5.12 allows authenticated operators to bypass the PowerShell execution all

CVE-2026-53822 HIGH This Week

8.7 Jun 12

Command injection in OpenClaw before 2026.5.18 allows authenticated attackers to modify shell wrapper argv between appro

CVE-2026-53819 HIGH This Week

8.7 Jun 11

Arbitrary code execution in OpenClaw before 2026.5.27 lets attackers hijack the Homebrew executable resolved during skil

CVE-2026-53817 HIGH This Week

8.7 Jun 11

Authentication bypass in OpenClaw before 2026.5.22 allows authenticated network attackers to spoof locality information

CVE-2026-53821 HIGH This Week

8.7 Jun 12

Privilege escalation in OpenClaw before 2026.5.18 allows WebSocket-connected Control UI clients to claim operator.admin

EUVD-2026-13962 vulnerability details – vuln.today

Back

Openclaw EUVD-2026-13962

Severity by source

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Vulnerability AssessmentAI

Recommended ActionAI

More from same product – last 7 days

Share

External POC / Exploit Code