5 matches found
EUVD-2026-25322
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...
CVE-2026-41338
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...
PT-2026-34769
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in apply patch, remove, and mkdir operations to manipulate files between validation and executio...
OpenClaw: Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses
Summary Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Released workspace-only applypatch remove and mkdir operations were still check-then-act, but the draft overstates scope by...
GHSA-RM5C-4RMF-VVHW OpenClaw: Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses
Summary Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Released workspace-only applypatch remove and mkdir operations were still check-then-act, but the draft overstates scope by...