CVE-2026-27646 OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command
OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. Attackers can bypass sandbox restrictions by invoking the /acp spawn slash-command to cross from sandboxed chat conte...
CVE-2026-27646
The OpenClaw open source project is vulnerable to a sandbox escape in the /acp spawn path prior to version 2026.3.7. A sandboxed session could reach host-side ACP runtime initialization via the /acp spawn command, bypassing sandbox restrictions and potentially enabling host-context ACP initialization...
Protection Mechanism Failure
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Protection Mechanism Failure via the /acp spawn command handler. An attacker can escalate privileges by initializing host-side ACP sessions from a sandboxed context when ACP is enabled an...
OpenClaw: Sandboxed /acp spawn requests could initialize host ACP sessions
Summary: Sandboxed requester sessions could reach host-side ACP session initialization through /acp spawn. OpenClaw already blocked sessionsspawn runtime: "acp" from sandboxed sessions, but the slash-command path initialized ACP directly without applying the same host-runtime guard first. Affected...