<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>CVE-2026-32915 — CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/cve-2026-32915/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata — refreshed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Sun, 29 Mar 2026 13:16:59 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/cve-2026-32915/feed.xml" rel="self" type="application/rss+xml"/><item><title>OpenClaw Sandbox Boundary Bypass Vulnerability (CVE-2026-32915)</title><link>https://feed.craftedsignal.io/briefs/2026-03-openclaw-sandbox-bypass/</link><pubDate>Sun, 29 Mar 2026 13:16:59 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-03-openclaw-sandbox-bypass/</guid><description>OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability that allows low-privilege leaf subagents to access the subagents control surface and execute commands with broader tool policies due to insufficient authorization checks, potentially leading to privilege escalation and unauthorized control of sibling processes.</description><content:encoded>&lt;p>CVE-2026-32915 describes a critical sandbox escape vulnerability affecting OpenClaw versions prior to 2026.3.11. The flaw resides in the insufficient authorization checks implemented on subagent control requests. A low-privilege sandboxed leaf worker can exploit this to bypass the intended sandbox boundaries and access the subagents control surface. This allows the attacker to resolve requests against the parent requester scope, instead of being limited to their own session tree. This…&lt;/p>
</content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>sandbox-escape</category><category>privilege-escalation</category><category>cve-2026-32915</category></item></channel></rss>