Skip to main content

OpenClaw CVE-2026-44996

| EUVD-2026-29141 MEDIUM
Path Traversal (CWE-22)
2026-05-11 VulnCheck GHSA-prp6-v677-xqhq
Path Traversal
6.3
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
Severity Changed
May 11, 2026 - 18:22 NVD
LOW MEDIUM
CVSS changed
May 11, 2026 - 18:22 NVD
3.7 (LOW) 6.3 (MEDIUM)
Source Code Evidence Fetched
May 11, 2026 - 17:48 vuln.today
Analysis Generated
May 11, 2026 - 17:48 vuln.today
CVE Published
May 11, 2026 - 16:46 nvd
LOW 3.7

DescriptionNVD

OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs, read audio-like files, and embed them base64-encoded into webchat responses.

AnalysisAI

OpenClaw before version 2026.4.15 allows arbitrary local file read via the webchat audio embedding helper, which fails to enforce local media root containment checks. Attackers who can influence agent or tool-produced ReplyPayload.mediaUrl parameters can resolve absolute local paths or file:// URLs, read audio-like files, and embed them base64-encoded into webchat responses. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-44996 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy