CVE-2026-26972

MEDIUM EPSS 9.9%
Published Feb 20, 2026 · Modified Feb 20, 2026
6.7 CVSS 3.1
Medium

Description

OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema (no `download` action). Exploitation requires authenticated CLI access or an authenticated gateway RPC token. Version 2026.2.13 fixes the issue.
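As an added illustration of the bug class the description names (this is not OpenClaw's own code and not the fix in the referenced commit), the TypeScript below contrasts a download-path join with no containment check against one that confines the resolved path to the downloads directory; the directory location and the function names are assumed for the example.

```typescript
import * as path from "path";

// Constructed stand-in for the OpenClaw temp downloads directory; the real
// location is not given in the advisory.
const DOWNLOADS_DIR = path.resolve("/tmp/openclaw-downloads");

// Vulnerable pattern: the caller-supplied name is joined onto the directory
// with no containment check, so "../" segments (or an absolute path) let the
// final path land outside the directory, as the advisory describes.
function unsafeOutputPath(requested: string): string {
  return path.join(DOWNLOADS_DIR, requested);
}

// Hardened pattern: resolve the final path, then verify it is still inside
// DOWNLOADS_DIR. path.relative() is used instead of a string-prefix test so
// that a sibling directory such as "/tmp/openclaw-downloads-evil" is rejected.
function safeOutputPath(requested: string): string {
  if (path.isAbsolute(requested)) {
    throw new Error(`absolute output path rejected: ${requested}`);
  }
  const resolved = path.resolve(DOWNLOADS_DIR, requested);
  const rel = path.relative(DOWNLOADS_DIR, resolved);
  // rel is "" when the request resolves to the directory itself (not a file);
  // ".." or "../x" means the path climbed out of the directory.
  // A plain name that merely starts with dots ("..notes.bin") is allowed.
  if (rel === "" || rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error(`output path escapes downloads dir: ${requested}`);
  }
  return resolved;
}

// True when the hardened check accepts the requested name.
function isContained(requested: string): boolean {
  try {
    safeOutputPath(requested);
    return true;
  } catch (_err) {
    return false;
  }
}
```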

CVSS Details

Base Score
6.7
Exploitability
0.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
9.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-22 Path Traversal (Improper Limitation of a Pathname to a Restricted Directory)

Affected Products 1

Vendor    Product   Version   Range
openclaw  openclaw  *         ≥2026.1.12, <2026.2.13

References 3

  • github.com https://github.com/openclaw/openclaw/commit/7f0489e4731c8d965d78d6eac4a60312e46a9426 (Patch)
  • github.com https://github.com/openclaw/openclaw/releases/tag/v2026.2.13 (Product, Release Notes)
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-xwjm-j929-xq7c (Patch, Vendor Advisory)

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/7f0489e4731c8d965d78d6eac4a60312e46a9426 (Patch)
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-xwjm-j929-xq7c (Patch, Vendor Advisory)