New CVE-2026-32048 Exposes OpenClaw Sandbox Escape via Cross-Agent Session Spawning
What happened
A new high-severity vulnerability, CVE-2026-32048, was publicly disclosed on March 21, affecting all OpenClaw versions prior to 2026.3.1. The flaw lies in cross-agent session spawning: when a sandboxed session triggers a sessions_spawn operation, the child process does not inherit the parent's sandbox restrictions. This allows an attacker who controls a sandboxed session to spawn child runtimes with sandbox.mode set to off, effectively escaping runtime confinement.
The vulnerability carries a CVSS v3.1 score of 7.5 (High). According to the advisory, exploitation requires network access with low privileges and no user interaction, though the attack complexity is rated High due to the specific workflow required to trigger the cross-agent spawn path.
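The inheritance gap described in this section can be modeled in a few lines. The following is an added illustration, not OpenClaw code: the Session class, the spawn and audit functions, and the "partial" and "full" mode labels are assumptions made for the model; only the "off" value comes from the advisory text above.

```python
from dataclasses import dataclass
from typing import Optional

# Least to most confined. "off" is the value named above; "partial" and "full"
# are hypothetical labels used only in this model.
LEVELS = ["off", "partial", "full"]

@dataclass(frozen=True)
class Session:
    agent: str
    sandbox_mode: str
    parent: Optional["Session"] = None

def floor_level(session: Optional[Session]) -> int:
    """Index of the strictest mode on the chain from `session` up to the root."""
    level = 0
    while session is not None:
        level = max(level, LEVELS.index(session.sandbox_mode))
        session = session.parent
    return level

def spawn_unchecked(parent: Session, agent: str, requested: str) -> Session:
    """Flawed pattern: the child runs with whatever mode the spawn request names."""
    return Session(agent, requested, parent)

def spawn_inherited(parent: Session, agent: str, requested: str) -> Session:
    """Hardened pattern: a child may match or tighten its ancestors' mode, never loosen it."""
    if requested not in LEVELS:
        raise ValueError(f"unknown sandbox mode: {requested!r}")
    if LEVELS.index(requested) < floor_level(parent):
        raise PermissionError(
            f"{agent}: mode {requested!r} is looser than spawn chain "
            f"floor {LEVELS[floor_level(parent)]!r}")
    return Session(agent, requested, parent)

def audit(sessions: list) -> list:
    """Detection side: sessions running looser than any ancestor in their spawn chain."""
    return [s for s in sessions
            if LEVELS.index(s.sandbox_mode) < floor_level(s.parent)]

if __name__ == "__main__":
    root = Session("orchestrator", "full")            # constructed sample tree
    worker = spawn_unchecked(root, "worker", "off")   # inheritance not enforced
    print([s.agent for s in audit([root, worker])])
    try:
        spawn_inherited(root, "worker", "off")
    except PermissionError as exc:
        print("refused:", exc)
```

The floor is computed over the whole spawn chain rather than the immediate parent, so a session that was itself spawned too loosely cannot pass that looseness on to its own children.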
Why it matters
This is the latest in a growing wave of OpenClaw CVEs that target the platform's security boundaries. For enterprises running multi-agent deployments — particularly those with mixed trust levels between agents — the sandbox escape represents a credible privilege-escalation path from a compromised low-trust agent to full code execution in an unsandboxed context. Combined with the 135,000+ exposed instances identified earlier in March, the attack surface is substantial.
What's next
Organizations should verify they are running OpenClaw v2026.3.1 or later. The broader pattern of sandbox-related CVEs suggests the security model for multi-agent session management needs architectural review, not just point patches. Expect the OpenClaw security team to publish a hardening guide specifically for cross-agent trust boundaries.