HIGHCVE-2026-32026Published 2026-03-19Modified 2026-03-20CNA VulnCheck

CVE-2026-32026: OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate arbitrary files from the host temporary directory through attachment delivery mechanisms.

CVSS v4.0: 7.1
Severity: HIGH
Fixed in: 2026.2.24
Affected Products: 1

Fix available

2026.2.24

Patch commits

Patch Commit #1
Patch Commit #2
Patch Commit #3

Affected packages

OpenClaw / OpenClaw
< 2026.2.24 (from 0)
Fixed in 2026.2.24

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

References

GitHub Security Advisory (GHSA-33hm-cq8r-wc49)
Patch Commit #1
Patch Commit #2
Patch Commit #3
VulnCheck Advisory: OpenClaw < 2026.2.24 - Arbitrary File Read via Improper Temporary Path Validation in Sandbox

Metrics

Fix available