CVE-2026-32030

HIGH EPSS 26.3%
Published Mar 19, 20263mo ago · Modified Mar 25, 20263mo ago
8.2 CVSS 4.0
High
Find Similar
Published Mar 19, 2026 3mo ago
Last Modified Mar 25, 2026 3mo ago

Description

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the OpenClaw process on the configured remote host via SCP.

CVSS Details

Base Score
8.2
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
26.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 1

VendorProductVersionRange
openclawopenclaw* <2026.2.19

References 3

  • github.com https://github.com/openclaw/openclaw/commit/1316e5740382926e45a42097b4bfe0aef7d63e8e
    Patch
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-x9cf-3w63-rpq9
    MitigationVendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-sensitive-file-disclosure-via-stagesandboxmedia-path-traversal
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/1316e5740382926e45a42097b4bfe0aef7d63e8e
    Patch