What is CVE-2026-32920 OpenClaw git executable hijack?

A high-severity vulnerability where a malicious .npmrc file in an OpenClaw plugin directory can override the git executable path, enabling arbitrary code execution during plugin installation.

Which OpenClaw versions are affected by the .npmrc hijack?

Versions 2026.3.13-1 through 2026.3.23 are affected. Upgrade to v2026.3.24 or later to fix.

Does --ignore-scripts prevent the OpenClaw .npmrc attack?

No. The --ignore-scripts flag prevents lifecycle scripts but does not prevent npm from reading project-level .npmrc config, which is the attack vector.

How to protect against OpenClaw plugin supply chain attacks?

Upgrade to v2026.3.24+, manually inspect .npmrc and package.json in plugins before installation, and avoid installing plugins from untrusted sources.

How many OpenClaw CVEs exist in 2026?

As of March 2026, 156 security advisories are tracked with 128 still awaiting CVE assignment. Nine CVEs were disclosed in just four days in March 2026.

← Back to dashboard

clawsmith.com/signal/openclaw-git-executable-hijack-npmrc-cve-32920

⚠ IssueWide OpenLive

OpenClaw Git Executable Hijack via .npmrc — CVE-2026-32920 Enables Arbitrary Code Execution During Plugin Install

High-severity vulnerability in OpenClaw v2026.3.13-1 through v2026.3.23 allows arbitrary code execution during local plugin/hook installation. A malicious .npmrc in the project root overrides the git executable path. The --ignore-scripts flag does not prevent this. Fixed in v2026.3.24.

Product Idea from this Signal

A security service that auto-patches OpenClaw CVEs within hours of disclosure before attackers exploit them

3.7k ▲

OpenClaw shipped 9 CVEs in 4 days (March 2026) including a CVSS 9.9 privilege escalation affecting 135K+ exposed instances. Most operators have no way to know which CVEs affect their version, no automated patching, and no coordination between the flood of advisories (156+ total) and their actual attack surface. This tool continuously monitors CVE feeds, maps each advisory to your installed version and enabled features, and applies safe mitigations automatically while queuing risky patches for human approval.

SECURITYCLIDEVTOOLOPEN-SOURCESYSADMIN

CompetitiveView Opportunity →