
5 matches found

EUVD
added 2026/03/18 1:34 a.m., 2 views

EUVD-2026-12734

OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-existent leaf paths. Attackers can craft bind source paths that appear within allowed roots but resolve...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00091
Exploits: 0, References: 3
CVE
added 2026/03/18 1:34 a.m., 9 views

CVE-2026-27523

OpenClaw (

CVSS: 7.5, AI score: 5.8, EPSS: 0.00091
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/03/03 11:10 p.m., 3 views

GHSA-M8V2-6WWH-R4GC OpenClaw's sandbox bind validation could bypass allowed-root and blocked-path checks via symlink-parent missing-leaf paths

Summary In openclaw up to and including 2026.2.23 latest npm release as of February 24, 2026, sandbox bind-source validation could be bypassed when a bind source used a symlinked parent plus a non-existent leaf path. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.24...

CVSS: 7, AI score: 5.9, EPSS: 0.00091
Exploits: 0, References: 5
Snyk
added 2026/03/03 11:10 p.m., 1 views

Symlink Attack

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Symlink Attack via the validateBindMounts process. An attacker can access files or directories outside of intended boundaries by exploiting symlinked parent directories combined with...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00091
Exploits: 0, References: 3
RedhatCVE
added 2025/03/22 1:17 p.m., 3 views

CVE-2024-12217

A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blockedpath functionality, which is intended to disallow users from reading certain files, is flawed. Specifically, while the application correctly blocks...

CVSS: 5.3, AI score: 6.8, EPSS: 0.00324
Exploits: 0, References: 1