TROYANOSYVIRUS
Volver a CVEs

CVE-2026-27002

CRITICAL
9.8

Descripcion

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 blocks dangerous sandbox Docker settings and includes runtime enforcement when building `docker create` args; config-schema validation for `network=host`, `seccompProfile=unconfined`, `apparmorProfile=unconfined`; and security audit findings to surface dangerous sandbox docker config. As a workaround, do not configure `agents.*.sandbox.docker.binds` to mount system directories or Docker socket paths, keep `agents.*.sandbox.docker.network` at `none` (default) or `bridge`, and do not use `unconfined` for seccomp/AppArmor profiles.

Detalles CVE

Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado2/20/2026
Ultima modificacion2/20/2026
Fuentenvd
Avistamientos honeypot0

Productos afectados

openclaw:openclaw

Debilidades (CWE)

CWE-250

Referencias

https://github.com/openclaw/openclaw/commit/887b209db47f1f9322fead241a1c0b043fd38339(security-advisories@github.com)
https://github.com/openclaw/openclaw/releases/tag/v2026.2.15(security-advisories@github.com)
https://github.com/openclaw/openclaw/security/advisories/GHSA-w235-x559-36mg(security-advisories@github.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.