Cyber Posture

CVE-2026-42434

HighPublic PoC

Published: 05 May 2026

Published
05 May 2026
Modified
05 May 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0005 15.5th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Requires timely identification, reporting, and correction of flaws like CVE-2026-42434, enabling patching to OpenClaw 2026.4.10 to fix the sandbox escape.

AC-25 Reference Monitor good match
prevent

Implements a reference monitor to mediate and enforce access control policies, preventing sandboxed agents from overriding exec routing to unauthorized remote nodes.

AC-3 Access Enforcement good match
prevent

Enforces approved authorizations for access to system resources, blocking low-privileged sandboxed agents from bypassing boundaries via host parameter overrides.

Security SummaryAI

CVE-2026-42434 is a sandbox escape vulnerability (CWE-863: Incorrect Authorization) in OpenClaw versions 2026.4.5 before 2026.4.10. It enables sandboxed agents to override exec routing by specifying host=node, allowing attackers to bypass sandbox boundaries and route execution to remote nodes instead of the intended sandbox paths. The vulnerability was published on 2026-05-05 and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Attackers with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation allows bypassing sandbox restrictions to execute code on remote nodes, resulting in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H) within unchanged scope (S:U).

Advisories recommend upgrading to OpenClaw version 2026.4.10 or later for mitigation. Patch details are available in the GitHub commit at https://github.com/openclaw/openclaw/commit/dffad08529202edbf34e4808788e1182fe10f6a9, the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-736r-jwj6-4w23, and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-sandbox-escape-via-host-parameter-override-in-exec-routing.

Details

CWE(s)
CWE-863

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1611 Escape to Host Privilege Escalation
Adversaries may break out of a container or virtualized environment to gain access to the underlying host.
attack.mitre.org →
T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
attack.mitre.org →
Why these techniques?

Sandbox escape via exec routing override (CWE-863) with AV:N/PR:L directly enables remote code execution on unintended nodes (T1059), breakout from sandbox boundaries analogous to container/host escape (T1611), and exploitation of network-accessible application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

References