CVE-2026-26972
Severity: MEDIUM · EPSS 9.9%
CVSS 3.1 base score: 6.7
Published Feb 20, 2026 · Last Modified Feb 20, 2026
Description
OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema (no `download` action). Exploitation requires authenticated CLI access or an authenticated gateway RPC token. Version 2026.2.13 fixes the issue.
CVSS Details
Base Score: 6.7
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Threat Intelligence
EPSS Exploit Probability: 9.9% percentile
Exploit & Patch Status: No Known Exploit · Patch Available
Weaknesses (1)
CWE-22 Path Traversal (Resource Mgmt)
Affected Products (1)
| Vendor | Product | Version | Range |
|---|---|---|---|
| openclaw | openclaw | * | ≥2026.1.12 – <2026.2.13 |
References (3)
- https://github.com/openclaw/openclaw/commit/7f0489e4731c8d965d78d6eac4a60312e46a9426
- https://github.com/openclaw/openclaw/releases/tag/v2026.2.13
- https://github.com/openclaw/openclaw/security/advisories/GHSA-xwjm-j929-xq7c
Remediation
- https://github.com/openclaw/openclaw/commit/7f0489e4731c8d965d78d6eac4a60312e46a9426
- https://github.com/openclaw/openclaw/security/advisories/GHSA-xwjm-j929-xq7c