CVE-2026-43570

Severity: MEDIUM · EPSS 24.1%
Published May 5, 2026 (1 month ago) · Modified Jun 17, 2026 (2 weeks ago)
CVSS 4.0 base score 6.0 (Medium)

Description

OpenClaw versions 2026.3.22 and later, before 2026.4.5, contain a symlink traversal vulnerability in the path handling for remote marketplace repositories that allows attackers to escape the expected repository root. An attacker can exploit this by supplying crafted symlink paths that resolve to files outside the intended repository directory.

CVSS Details

Base Score
6.0
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Passive (P)
Scope Not Defined (X)

Threat Intelligence

EPSS Exploit Probability
24.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-61

Affected Products 1

Vendor     Product    Version    Range
openclaw   openclaw   *          ≥2026.3.22 – <2026.4.5

References 4

  • github.com https://github.com/openclaw/openclaw/commit/94b0062e90467e1582b47cc971f308457c537f3a
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/b1dd3ded3589f6fa60ab85b3930a82d538edaeae
    Patch
  • github.com https://github.com/openclaw/openclaw/security/advisories/GHSA-cr8r-7g2h-6wr6
    Vendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-remote-marketplace-repository-path-handling
    Third Party Advisory

Remediation

  • github.com https://github.com/openclaw/openclaw/commit/94b0062e90467e1582b47cc971f308457c537f3a
    Patch
  • github.com https://github.com/openclaw/openclaw/commit/b1dd3ded3589f6fa60ab85b3930a82d538edaeae
    Patch