Description
OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache poisoning, allowing one sandbox configuration to be misinterpreted as another and enabling unsafe sandbox state reuse.
Published: 2026-03-05
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Cache poisoning that can cause unsafe sandbox reuse
Action: Immediate Patch
AI Analysis

Impact

Earlier OpenClaw releases used SHA‑1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations. Because SHA‑1 is susceptible to collision attacks, an adversary can craft distinct sandbox identifiers that generate the same hash. This allows one sandbox configuration to be misinterpreted as another, resulting in cache poisoning and the reuse of an unsafe sandbox state. The weakness corresponds to CWE‑327, reflecting the use of a deprecated cryptographic algorithm.

Affected Systems

The affected product is OpenClaw from the vendor OpenClaw. All versions prior to 2026.2.15 are vulnerable; this includes any deployment using those historical releases of OpenClaw's node.js based implementation.

Risk and Exploitability

The CVSS base score is 8.7, indicating high confidentiality and integrity impact. The EPSS score is below 1%, suggesting that real‑world exploitation attempts are currently rare. The vulnerability is not listed in the CISA KEV catalog. Attackers would likely need to forge sandbox identifiers that collide on the SHA‑1 hash; the likely attack vector is a remote manipulation of sandbox configuration data, as inferred from the description, since no local privilege is required to insert such identifiers.

Generated by OpenCVE AI on April 17, 2026 at 12:34 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.2.15 or later, which removes the SHA‑1 hashing of sandbox identifiers.
  • If an upgrade is not immediately feasible, audit the configuration to ensure that any user‑supplied sandbox identifiers cannot be supplied by untrusted sources, effectively preventing collision exploitation.
  • Replace any custom caching logic that relies on SHA‑1 with a stronger hash algorithm such as SHA‑256, following best practices for cryptographic hash usage.

Generated by OpenCVE AI on April 17, 2026 at 12:34 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-fh3f-q9qw-93j9 OpenClaw replaced a deprecated sandbox hash algorithm
History

Tue, 17 Mar 2026 18:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openclaw:openclaw:*:-:*:*:*:node.js:*:*

Mon, 09 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Description OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache poisoning, allowing one sandbox configuration to be misinterpreted as another and enabling unsafe sandbox state reuse.
Title OpenClaw < 2026.2.15 - Cache Poisoning via Deprecated SHA-1 Hash in Sandbox Configuration
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-327
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-09T18:14:18.555Z

Reserved: 2026-02-27T19:20:24.878Z

Link: CVE-2026-28479

cve-icon Vulnrichment

Updated: 2026-03-09T18:14:12.412Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T22:16:22.410

Modified: 2026-03-17T17:58:44.950

Link: CVE-2026-28479

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T12:45:16Z

Weaknesses