CVE-2026-32007: OpenClaw: Experimental apply_patch may bypass workspace-only checks in opt-in sandbox mounts (off by default)

March 3, 2026 (updated March 19, 2026)

In some opt-in sandbox configurations, the experimental apply_patch tool did not consistently apply workspace-only checks to mounted paths (for example /agent/...).

References

github.com/advisories/GHSA-h9xm-j4qg-fvpg
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/6634030be31e1a1842967df046c2f2e47490e6bf
github.com/openclaw/openclaw/security/advisories/GHSA-h9xm-j4qg-fvpg
nvd.nist.gov/vuln/detail/CVE-2026-32007

Code Behaviors & Features

Detect and mitigate CVE-2026-32007 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →