Skip to main content

Microsoft CVE-2026-41389

| EUVDEUVD-2026-23931 MEDIUM
External Control of File Name or Path (CWE-73)
2026-04-20 VulnCheck GHSA-qc5j-2mqx-x83q
6.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
Analysis Generated
Apr 20, 2026 - 18:29 vuln.today
CVSS changed
Apr 20, 2026 - 18:22 NVD
5.8 (MEDIUM) 6.3 (MEDIUM)
EUVD ID Assigned
Apr 20, 2026 - 18:00 euvd
EUVD-2026-23931
Analysis Generated
Apr 20, 2026 - 18:00 vuln.today
Patch released
Apr 20, 2026 - 18:00 nvd
Patch available
CVE Published
Apr 20, 2026 - 17:48 nvd
MEDIUM 6.3

DescriptionCVE.org

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially disclosing sensitive files or exposing credentials.

AnalysisAI

OpenClaw versions 2026.4.7 through 2026.4.14 fail to enforce path containment on tool-result media references, enabling attackers to craft malicious tool-result inputs that trigger arbitrary local file reads or Windows UNC path access without authentication. An attacker can disclose sensitive files or extract credentials by exploiting this path-traversal weakness in the tool-result processing logic, requiring only network access and the ability to provide crafted tool-result media parameters to an exposed endpoint.

Technical ContextAI

OpenClaw is a tool orchestration platform that processes structured tool outputs, including media references. The vulnerability stems from CWE-73 (External Control of File Name or Path), where the application constructs file access paths from user-supplied tool-result media parameters without proper validation or canonicalization. The affected versions fail to restrict path traversal sequences (e.g., '../') or reject non-local file URIs (file://, SMB/UNC paths like //server/share) in the media path field. This allows an attacker to reference files outside the intended tool-result sandbox directory, including system files (/etc/passwd, /proc/self/environ) on Unix or credential stores on Windows. The CVSS 4.0 vector indicates network attack vector (AV:N), low complexity (AC:L), attack-time availability with partial timing variance (AT:P), no authentication required (PR:N), and no user interaction (UI:N), resulting in limited confidentiality impact (VC:L) but no integrity or availability impact.

RemediationAI

Upgrade OpenClaw immediately to version 2026.4.15 or later, which contains fixes from commits 1470de5d3e0970856d86cd99336bb8ada3fe87da, 6e58f1f9f54bca1fea1268ec0ee4c01a2af03dde, and 52ef42302ead9e183e6c8810e0a04ee4ef8ae9fc. These patches enforce path canonicalization and rejection of non-local file references (file://, UNC, SMB paths) in tool-result media processing. If immediate upgrading is not feasible, apply network-level mitigations by restricting network access to OpenClaw endpoints from untrusted sources; however, this does not address compromise via trusted clients providing malicious tool results. Verify that the OpenClaw process runs with minimal file-system permissions-do not grant the process read access to system configuration files, credential stores, or user home directories beyond those strictly required for legitimate tool-result operations. Monitor tool-result media parameters in application logs for path-traversal patterns (../, UNC paths, file:// URIs) as a compensating control, though this may have high false-positive rates depending on legitimate tool outputs.

Share

CVE-2026-41389 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy