OpenClaw Privilege Escalation Vulnerability via Heartbeat Context Inheritance
Vulnerability
A sandbox bypass vulnerability has been identified in OpenClaw versions prior to 2026.3.31. This vulnerability allows attackers to escalate privileges by manipulating the senderIsOwner parameter and exploiting improper context validation. The issue arises from heartbeat context inheritance, which can be manipulated to bypass sandbox restrictions and achieve unauthorized privilege escalation.
Impact
Exploitation of this vulnerability allows for unauthorized privilege escalation, bypassing sandbox restrictions and potentially leading to elevated rights or access within the application.
Reproduction
To reproduce this vulnerability, send a heartbeat context inheritance request while manipulating the senderIsOwner parameter. This can be done by setting the parameter to false, which will suppress the default owner status inheritance. The request should be directed to a session delivery target that the user owns, which will trigger the context inheritance bypass.
Remediation
Users can update to OpenClaw version 2026.3.31 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.