Skip to main content

Openclaw EUVDEUVD-2026-13955

| CVE-2026-32054 MEDIUM
Improper Link Resolution Before File Access (CWE-59)
2026-03-21 VulnCheck GHSA-ffr4-mrhv-vfr2
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
High

Lifecycle Timeline

5
PoC Detected
Mar 24, 2026 - 21:11 vuln.today
Public exploit code
EUVD ID Assigned
Mar 21, 2026 - 01:00 euvd
EUVD-2026-13955
Analysis Generated
Mar 21, 2026 - 01:00 vuln.today
Patch released
Mar 21, 2026 - 01:00 nvd
Patch available
CVE Published
Mar 21, 2026 - 00:42 nvd
MEDIUM 6.5

DescriptionCVE.org

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in browser trace and download output path handling that allows local attackers to escape the managed temp root directory. An attacker with local access can create symlinks to route file writes outside the intended temp directory, enabling arbitrary file overwrite on the affected system.

AnalysisAI

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the browser trace and download output path handling that allows local attackers with limited privileges to escape the managed temporary root directory and overwrite arbitrary files on the system. An attacker can create symbolic links to redirect file writes outside the intended sandbox, resulting in information disclosure and potential system compromise through arbitrary file modification. A patch is available from the vendor, and this vulnerability requires local access with low privileges to exploit, making it a medium-severity concern for multi-user systems.

Technical ContextAI

This vulnerability is rooted in CWE-59 (Improper Link Resolution Before File Access, also known as symlink traversal), a classic file system security flaw where applications fail to validate symlink targets before performing file operations. The OpenClaw application (cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*) manages temporary directories for browser trace logging and download operations, but does not properly sanitize or resolve symbolic links before writing output to these paths. An attacker with local system access can place crafted symlinks in predictable locations within the temp directory structure, causing OpenClaw to follow those symlinks and write sensitive data or executable content to arbitrary filesystem locations outside the intended sandboxed temp root. This is particularly dangerous in shared hosting or containerized environments where multiple users or processes operate on the same system.

RemediationAI

Immediately upgrade OpenClaw to version 2026.2.25 or later to apply the vendor patch available at https://github.com/openclaw/openclaw/commit/496a76c03ba85e15ea715e5a583e498ae04d36e3. Until patching is possible, restrict local system access to OpenClaw processes using OS-level privilege separation and file system isolation (e.g., dedicated unprivileged user accounts, AppArmor, SELinux, or seccomp profiles that prevent symlink creation in temp directories). Configure the application to use a private temporary directory with restrictive permissions (mode 0700) and verify that temp paths are created at runtime with O_EXCL or equivalent atomic semantics. Implement monitoring and alerting on unexpected symlink creation within OpenClaw's temp directories to detect attack attempts.

CVE-2026-28446 CRITICAL POC
9.4 Mar 05

Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.

CVE-2026-33579 CRITICAL POC
9.4 Mar 31

Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b

CVE-2026-32042 HIGH POC
8.8 Mar 21

OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att

CVE-2026-32051 HIGH POC
8.8 Mar 21

An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.

CVE-2026-25253 HIGH POC
8.8 Feb 01

OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e

CVE-2026-32846 HIGH POC
8.7 Mar 26

Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in

CVE-2026-32064 HIGH POC
7.7 Mar 21

OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all

CVE-2026-32055 HIGH POC
7.6 Mar 21

OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director

CVE-2026-32056 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func

CVE-2026-32049 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste

CVE-2026-32048 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low

CVE-2026-25474 HIGH POC
7.5 Feb 19

OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec

Share

EUVD-2026-13955 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy