30 matches found
EUVD-2026-29141
OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs...
CVE-2026-44996 OpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio Embedding
OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs...
CVE-2026-44996
OpenClaw vulnerability CVE-2026-44996 affects versions before 2026.4.15. The webchat audio embedding helper fails local media root containment checks, allowing an attacker to influence ReplyPayload.mediaUrl to resolve absolute local paths or file URLs, read audio-like files, and embed them base64...
EUVD-2026-25946
OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...
GHSA-V8QF-FR4G-28P2 OpenClaw: Assistant media route missed scope enforcement for trusted-proxy authorization
Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The Control UI assistant-media route authenticated trusted-proxy callers but did not enforce the declared operator scopes for identity-bearing HTTP auth paths. A trusted-proxy...
CVE-2026-34603
Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...
CVE-2026-34603 @tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions
Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...
CVE-2026-34603
CVE-2026-34603 affects TinaCMS: its media endpoints in @tinacms/cli (and related GraphQL handling) allow escaping the media root when symlinks or junctions exist in the media directory. The issue stems from lexical path-traversal checks that do not resolve symlink targets, enabling operations (li...
@tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions
Summary @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the media root, Tina accepts a path like...
GHSA-G87C-R2JP-293W @tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions
Summary @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the media root, Tina accepts a path like...
CVE-2026-27522
OpenClaw versions prior to 2026.2.24 contain a local media root bypass vulnerability in sendAttachment and setGroupIcon message actions when sandboxRoot is unset. Attackers can hydrate media from local absolute paths to read arbitrary host files accessible by the runtime user...
CVE-2026-27522 OpenClaw < 2026.2.24 - Arbitrary File Read via sendAttachment and setGroupIcon Message Actions
OpenClaw versions prior to 2026.2.24 contain a local media root bypass vulnerability in sendAttachment and setGroupIcon message actions when sandboxRoot is unset. Attackers can hydrate media from local absolute paths to read arbitrary host files accessible by the runtime user...
EUVD-2026-12732
OpenClaw versions prior to 2026.2.24 contain a local media root bypass vulnerability in sendAttachment and setGroupIcon message actions when sandboxRoot is unset. Attackers can hydrate media from local absolute paths to read arbitrary host files accessible by the runtime user...
CVE-2026-27522
OpenClaw versions prior to 2026.2.24 contain a local media root bypass vulnerability in sendAttachment and setGroupIcon message actions when sandboxRoot is unset. Attackers can hydrate media from local absolute paths to read arbitrary host files accessible by the runtime user...
CVE-2026-27522 OpenClaw < 2026.2.24 - Arbitrary File Read via sendAttachment and setGroupIcon Message Actions
OpenClaw versions prior to 2026.2.24 contain a local media root bypass vulnerability in sendAttachment and setGroupIcon message actions when sandboxRoot is unset. Attackers can hydrate media from local absolute paths to read arbitrary host files accessible by the runtime user...
CVE-2026-27522
OpenClaw before 2026.2.24 contains a local media root bypass in sendAttachment and setGroupIcon when sandboxRoot is unset, allowing hydration of media from local absolute paths to read arbitrary host files accessible by the runtime user. Affected product: OpenClaw; vulnerable components: media ha...
OpenClaw: Message action attachment hydration bypasses local media root checks when sandboxRoot is unset
Impact sendAttachment and setGroupIcon message actions could hydrate media from local absolute paths when sandboxRoot was unset, bypassing intended local media root checks. This could allow reads of arbitrary host files reachable by the runtime user when an authorized message-action path was...
PT-2026-26016
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.24 Description OpenClaw versions before 2026.2.24 contain a local media root bypass in the sendAttachment and setGroupIcon message actions when sandboxRoot is not configured. This allows attackers to read...
CVE-2026-23521
Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device uniqueId to an absolute path. When uploading a device image, Traccar uses that uniqueId to build the filesystem path...
CVE-2026-23521
Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device uniqueId to an absolute path. When uploading a device image, Traccar uses that uniqueId to build the filesystem path...