OpenClaw Improper Sandbox Configuration Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in OpenClaw versions prior to 2026.2.21, caused by an improper sandbox configuration. Because OpenClaw launches Chromium with its OS-level sandbox protections disabled inside the browser container, an attacker who triggers a renderer-side vulnerability can execute arbitrary code on the host system without needing a separate sandbox escape.

Impact

Exploitation of this vulnerability could lead to unauthorized arbitrary code execution on the host system: a renderer-side vulnerability alone is sufficient, since no sandbox escape is required.

Reproduction

The vulnerability can be reproduced by running an OpenClaw version prior to 2026.2.21 with the default browser sandbox settings. The application launches Chromium with the '--no-sandbox' flag, which disables the OS-level sandbox protections that normally confine a compromised renderer process. In this configuration, a renderer-side vulnerability can be exploited to execute arbitrary code on the host system.

Remediation

Users can update to OpenClaw version 2026.2.21 or later, where this vulnerability has been patched. After updating, it's recommended to run 'openclaw sandbox recreate --browser --all' to ensure that any stale browser containers are properly refreshed.
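As a defender-side check for the condition described above (a Chromium-family process running with '--no-sandbox'), the following Python script is an added example and not part of the advisory or of OpenClaw; it assumes a Linux host or container with /proc, and the browser executable names it recognises are an assumption. It can be run after updating and recreating the browser containers to confirm that no stale container still launches Chromium without its sandbox.

```python
"""Report Chromium-family processes launched with --no-sandbox.

Added example (not OpenClaw code). On Linux, /proc/<pid>/cmdline holds the
process argv as NUL-separated, NUL-terminated fields; this script parses it.
"""
import os

# Executable basenames treated as Chromium-family browsers (assumption).
BROWSER_NAMES = {"chrome", "chromium", "chromium-browser", "google-chrome", "headless_shell"}


def parse_cmdline(raw: bytes) -> list:
    """Split raw /proc/<pid>/cmdline bytes into an argv list, dropping empty fields."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]


def is_browser(argv: list) -> bool:
    """True if argv[0] looks like a Chromium-family executable."""
    if not argv:
        return False
    name = os.path.basename(argv[0])
    return name in BROWSER_NAMES or name.startswith("chrom")


def find_unsandboxed(cmdlines: dict) -> list:
    """Given {pid: raw cmdline bytes}, return sorted pids of browsers started with --no-sandbox."""
    return sorted(pid for pid, raw in cmdlines.items()
                  if is_browser(argv := parse_cmdline(raw)) and "--no-sandbox" in argv)


def read_proc_cmdlines() -> dict:
    """Collect raw cmdline bytes for every readable /proc/<pid> (Linux only)."""
    out = {}
    for entry in os.listdir("/proc"):
        if entry.isdigit():
            try:
                with open(f"/proc/{entry}/cmdline", "rb") as fh:
                    out[int(entry)] = fh.read()
            except OSError:
                continue  # process exited or is not readable; skip it
    return out


# Constructed sample resembling /proc/<pid>/cmdline contents (not captured from OpenClaw).
SAMPLE = {
    4242: b"/usr/bin/chromium\0--headless=new\0--no-sandbox\0--user-data-dir=/tmp/p\0",
    4243: b"/usr/bin/chromium\0--type=renderer\0--no-sandbox\0",   # child inherits the flag
    5000: b"/usr/bin/chromium\0--headless=new\0--user-data-dir=/tmp/q\0",  # sandboxed
    6000: b"/usr/bin/python3\0agent.py\0--no-sandbox\0",          # not a browser: ignored
}

if __name__ == "__main__":
    source = read_proc_cmdlines() if os.path.isdir("/proc") else SAMPLE
    for pid in find_unsandboxed(source):
        print(f"pid {pid}: Chromium-family process running with --no-sandbox")
```

Run it inside each browser container (or on the host, if the browser runs there) and treat any reported pid as a container that still needs to be recreated.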

Added: Mar 21, 2026, 1:34 AM
Updated: Mar 21, 2026, 1:34 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 7.1
remediation: 0.0
relevance: 4.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.