CVE-2026-32846

HIGH EPSS 48.1%
Published Mar 26, 20263mo ago · Modified Jun 17, 20261w ago
8.7 CVSS 4.0
High
Find Similar
Published Mar 26, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

OpenClaw before 2026.3.28 contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath() and isValidMedia() functions. Attackers can exploit incomplete validation and the allowBareFilename bypass to reference files outside the intended application sandbox, resulting in disclosure of sensitive information including system files, environment files, and SSH keys.

CVSS Details

Base Score
8.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
48.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 1

VendorProductVersionRange
openclawopenclaw* ≤2026.3.23

References 4

  • github.com https://github.com/openclaw/openclaw/commit/4797bbc5b96e2cca5532e43b58915c051746fe37
    Patch
  • github.com https://github.com/openclaw/openclaw/pull/54642
    ExploitIssue TrackingVendor Advisory
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-f6pf-4gjx-c94r
    Broken Link
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-media-parsing-path-traversal-to-arbitrary-file-read
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/4797bbc5b96e2cca5532e43b58915c051746fe37
    Patch