CVE-2026-26972

OpenClaw has a Path Traversal in Browser Download Functionality

CVSS 6.7 MEDIUMEPSS 0.2%CWE-22

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 6.7EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

19 fev 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema (no `download` action). Exploitation requires authenticated CLI access or an authenticated gateway RPC token. Version 2026.2.13 fixes the issue.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

openclaw · openclaw

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/openclaw/openclaw/commit/7f0489e4731c8d965d78d6eac4a60312e46a9426 https://github.com/openclaw/openclaw/releases/tag/v2026.2.13 https://github.com/openclaw/openclaw/security/advisories/GHSA-xwjm-j929-xq7c