Two New OpenClaw CVEs Published: Authorization Bypass + Approval-Integrity Flaw

Two new CVEs for OpenClaw were published on Tuesday, adding fresh urgency to what is already a busy week for the project's security posture. CVE-2026-32916 is an authorization bypass affecting versions 2026.3.7 through 2026.3.11, in which plugin subagent routes can execute gateway methods through a privileged bypass path — effectively allowing a plugin to operate above its intended permission level. CVE-2026-32971 is an approval-integrity flaw present in all versions before 2026.3.11, where the system surfaces extracted shell payloads in the approval prompt rather than the intended human-readable description, creating a social-engineering vector that could lead users to approve malicious commands without realising it.

Both vulnerabilities are patched in release 2026.3.11 and later. The fix timeline is straightforward for teams running current builds, but given the scale of OpenClaw deployments — VentureBeat reported 500,000 internet-facing instances this week — the number of operators still running older versions is likely non-trivial. The approval-integrity bug is particularly worth flagging to end users, since it specifically targets the human review step that is meant to serve as a safety backstop against automated misuse.

The combination of two new CVEs alongside the broader VentureBeat infrastructure story makes this a meaningful news cycle for OpenClaw security. Teams should verify their installed version immediately, update to 2026.3.11 or later if they have not already done so, and review any pending approval prompts with additional scrutiny until they have confirmed the patch is in place.
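As an added example (not code from the article or from the OpenClaw project), the version check the last paragraph recommends can be scripted so that an operator can triage a fleet of installed versions against the two advisories. The affected ranges are taken from the article; since it states that 2026.3.11 is the fixed release, "2026.3.7 through 2026.3.11" is modelled here as excluding 2026.3.11 (an assumption). The `YYYY.M.N` version format, the optional `v` prefix and the pre-release suffix handling are also assumptions, not documented OpenClaw behaviour.

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Release the article says carries both fixes.
FIXED_RELEASE: Version = (2026, 3, 11)


@dataclass(frozen=True)
class Advisory:
    cve: str
    summary: str
    first_affected: Optional[Version]  # inclusive; None means every earlier release
    fixed_in: Version                  # exclusive


# Ranges as given in the article. Treating "through 2026.3.11" as exclusive of the
# fixed release is an assumption made for this check (see lead-in).
ADVISORIES = (
    Advisory("CVE-2026-32916",
             "authorization bypass: plugin subagent routes reach gateway methods "
             "via a privileged bypass path",
             (2026, 3, 7), FIXED_RELEASE),
    Advisory("CVE-2026-32971",
             "approval-integrity: approval prompt shows the extracted shell payload "
             "instead of the human-readable description",
             None, FIXED_RELEASE),
)

# Assumed format: YYYY.M.N, optional leading 'v', optional -pre/+build suffix.
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)([-+][0-9A-Za-z.]+)?\s*$")


def parse_version(text: str) -> Tuple[Version, bool]:
    """Return (numeric tuple, has_suffix); raise on anything that does not match."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(g) for g in m.group(1, 2, 3))
    return nums, m.group(4) is not None


def affected_by(version: str, adv: Advisory) -> bool:
    """True if the installed version falls inside the advisory's affected range."""
    nums, suffixed = parse_version(version)
    if adv.first_affected is not None and nums < adv.first_affected:
        return False
    if nums < adv.fixed_in:
        return True
    # A pre-release or build tagged with the fixed number (e.g. 2026.3.11-rc1) is
    # treated conservatively as not yet carrying the fix.
    return nums == adv.fixed_in and suffixed


def triage(version: str) -> list:
    """List the CVE ids the given version is exposed to (empty list = patched)."""
    return [a.cve for a in ADVISORIES if affected_by(version, a)]


def report(version: str) -> str:
    """Human-readable triage line(s) for one installed version."""
    hits = [a for a in ADVISORIES if affected_by(version, a)]
    fixed = ".".join(map(str, FIXED_RELEASE))
    if not hits:
        return f"{version}: not affected by CVE-2026-32916 or CVE-2026-32971"
    lines = [f"{version}: UPDATE to {fixed} or later"]
    lines += [f"  - {a.cve}: {a.summary}" for a in hits]
    return "\n".join(lines)


if __name__ == "__main__":
    import sys
    # Constructed sample versions when none are passed on the command line.
    for v in sys.argv[1:] or ["2026.3.6", "2026.3.9", "2026.3.11", "2026.3.11-rc1"]:
        print(report(v))
```

Run it with the installed version string(s) as arguments; any version that prints `UPDATE` should be upgraded, and its pending approval prompts reviewed by hand until the upgrade is confirmed.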

Read the full article at RedPacket Security →