Lucene search
K

200 matches found

OSV
OSV
added 2026/04/18 12:55 a.m.2 views

GHSA-H39G-6X3C-7FQ9 Zio has SubFileSystem Path Confinement Bypass via Unresolved `..` Segment

Summary SubFileSystem fails to confine operations to its declared sub path when the input path is /../ or equivalents /../, /..\. This path passes all validation but resolves to the root of the parent filesystem, allowing directory level operations outside the intended boundary. Affected Componen...

3.8CVSS5.7AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/18 12:55 a.m.10 views

Zio has SubFileSystem Path Confinement Bypass via Unresolved `..` Segment

Summary SubFileSystem fails to confine operations to its declared sub path when the input path is /../ or equivalents /../, /..\. This path passes all validation but resolves to the root of the parent filesystem, allowing directory level operations outside the intended boundary. Affected Componen...

5.7AI score
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/10 7:23 p.m.6 views

EUVD-2026-21164

PraisonAIAgents: Arbitrary File Read via readskillfile Missing Workspace Boundary and Approval Gate...

6.2CVSS5.8AI score0.00234EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:21 p.m.3 views

CVE-2026-40117

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, readskillfile in skilltools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skillpath parameter. Unlike filetools.readfile which enforces workspace boundary confinement, and unlike runskillscript...

6.2CVSS6AI score0.00234EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.4 views

CVE-2026-32020

OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read arbitrary files...

5.5CVSS5.9AI score0.00131EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.5 views

CVE-2026-22180

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

5.3CVSS5.9AI score0.0013EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/03/21 3:31 a.m.7 views

Duplicate Advisory: OpenClaw's sandboxed sessions_spawn now enforces sandbox inheritance for cross-agent spawns

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p7gr-f84w-hqg5. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.3.1 fail to enforce sandbox inheritance during cross-agent sessionsspawn operations,...

9.9CVSS5.8AI score0.00281EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/03/21 1:17 a.m.5 views

CVE-2026-32048

OpenClaw versions prior to 2026.3.1 fail to enforce sandbox inheritance during cross-agent sessionsspawn operations, allowing sandboxed sessions to create child processes under unsandboxed agents. An attacker with a sandboxed session can exploit this to spawn child runtimes with sandbox.mode set ...

9.9CVSS0.00281EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 10:6 p.m.4 views

CVE-2026-32020 OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler

OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read arbitrary files...

4.8CVSS6.1AI score0.00131EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/19 10:6 p.m.4 views

CVE-2026-32020 OpenClaw < 2026.2.22 - Arbitrary File Read via Symlink Following in Static File Handler

OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read arbitrary files...

4.8CVSS5.9AI score0.00131EPSS
Exploits0References3
Amazon
Amazon
added 2026/03/19 12:0 a.m.16 views

Medium: golist

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS5.8AI score0.00728EPSS
Exploits0
NVD
NVD
added 2026/03/18 2:16 a.m.6 views

CVE-2026-22180

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

5.3CVSS0.0013EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/18 1:34 a.m.26 views

CVE-2026-22180 OpenClaw < 2026.3.2 - Path Confinement Bypass in Browser Output and File Write Operations

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

5.3CVSS0.0013EPSS
Exploits0References3
OSV
OSV
added 2026/03/18 1:34 a.m.5 views

CVE-2026-22180 OpenClaw < 2026.3.2 - Path Confinement Bypass in Browser Output and File Write Operations

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

4.8CVSS6.2AI score0.0013EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/18 1:34 a.m.2 views

CVE-2026-22180 OpenClaw < 2026.3.2 - Path Confinement Bypass in Browser Output and File Write Operations

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

5.3CVSS5.9AI score0.0013EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/18 1:34 a.m.9 views

EUVD-2026-12726

OpenClaw versions prior to 2026.3.2 contain a path-confinement bypass vulnerability in browser output handling that allows writes outside intended root directories. Attackers can exploit insufficient canonical path-boundary validation in file write operations to escape root-bound restrictions and...

5.3CVSS5.9AI score0.0013EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 1:34 a.m.16 views

CVE-2026-22180

OpenClaw is affected in versions prior to 2026.3.2 by a path-confinement bypass in browser output handling that allows writing outside intended root directories. The issue arises from insufficient canonical path-boundary validation in file write operations, enabling writes to arbitrary locations ...

5.3CVSS5.9AI score0.0013EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/06 10:16 p.m.7 views

AZL-79541 CVE-2026-27139 affecting package golang 1.25.7-1

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS7.5AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/03/03 9:20 p.m.4 views

GHSA-3PXQ-F3CP-JMXP OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows

Summary A path-confinement bypass in browser output handling allowed writes outside intended roots in openclaw versions up to and including 2026.3.1. The fix unifies root-bound, file-descriptor-verified write semantics and canonical path-boundary validation across browser output and related...

5.3CVSS5.8AI score0.0013EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/03 9:20 p.m.17 views

OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows

Summary A path-confinement bypass in browser output handling allowed writes outside intended roots in openclaw versions up to and including 2026.3.1. The fix unifies root-bound, file-descriptor-verified write semantics and canonical path-boundary validation across browser output and related...

5.3CVSS5.8AI score0.0013EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder