CVE-2026-32026

6.5 MEDIUM
Published: March 19, 2026 Modified: March 23, 2026
View on NVD

Description

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate arbitrary files from the host temporary directory through attachment delivery mechanisms.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/openclaw/openclaw/commit/79a7b3d22ef92e36a4031093d80a0acb0d82f351
Source: disclosure@vulncheck.com
Patch
https://github.com/openclaw/openclaw/commit/d3da67c7a9b463edc1a9b1c1f7af107a34ca32f5
Source: disclosure@vulncheck.com
Patch
https://github.com/openclaw/openclaw/commit/def993dbd843ff28f2b3bad5cc24603874ba9f1e
Source: disclosure@vulncheck.com
Patch
https://github.com/openclaw/openclaw/security/advisories/GHSA-33hm-cq8r-wc49
Source: disclosure@vulncheck.com
Vendor Advisory
https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-improper-temporary-path-validation-in-sandbox
Source: disclosure@vulncheck.com
Third Party Advisory

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
6.5 / 10.0
EPSS (Exploit Probability)
0.1%
21th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

openclaw

Related CVEs

CVE-2026-35548 N/A
CVE-2026-6862 5.5
CVE-2026-6861 6.1
CVE-2026-6859 8.8
CVE-2026-6356 9.6