CVE-2026-32013
HIGH
GHSA-fgvx-58p6-gjwc
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Tags
Description
OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway process permissions, potentially enabling code execution through file overwrite attacks.
Analysis
A symlink traversal vulnerability in OpenClaw allows authenticated attackers to read and write arbitrary files on the host system through the agents.files.get and agents.files.set methods. The vulnerability affects OpenClaw versions prior to 2026.2.25 and can lead to remote code execution through strategic file overwrites. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all OpenClaw deployments and identify those running versions prior to 2026.2.25; document affected systems and their data sensitivity. Within 7 days: Implement network segmentation to restrict OpenClaw agent access to critical systems; disable agents.files.get and agents.files.set methods if operationally feasible; monitor agent logs for suspicious file access patterns. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today