35 matches found
CVE-2026-44112
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44113
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
OpenClaw has an unspecified vulnerability (CNVD-2026-20009)
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from the failure of the OpenShell file system bridge to properly validate symbolic link exchanges when handling file system operations, which can be exploited by an...
EUVD-2026-28190
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5h3g-6xhh-rg6p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that...
GHSA-FRR5-J3MH-H9CH Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5h3g-6xhh-rg6p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that...
Duplicate Advisory: OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wppj-c6mr-83jj. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes...
CVE-2026-44112
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44113 OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44113 OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44113
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44113
OpenClaw before 2026.4.22 is affected by a time-of-check/time-of-use (TOCTOU) race in the OpenShell filesystem bridge. Attackers could exploit symlink swaps during filesystem operations to bypass sandbox restrictions and read files outside the intended mount root, exposing unauthorized data. Affe...
CVE-2026-44112
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44112 OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44112
OpenClaw OpenShell has a TOCTOU race condition in sandbox filesystem writes that lets an attacker redirect writes outside the sandbox mount root by exploiting symlink swaps during filesystem operations. This affects OpenClaw versions prior to 2026.4.22. The issue’s root cause is a time-of-check/t...
Path Traversal
OpenClaw is vulnerable to Path Traversal. The vulnerability is due to mis-scoped mirror mode paths, where attackers can manipulate OpenShell config paths to cause mirror sync operations to delete unintended remote directory contents and replace them with uploaded workspace data...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.22 contained security vulnerabilities. These vulnerabilities stemmed from race conditions between the time of writing and the time of execution in the OpenShell sandbox file...
OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Summary OpenShell FS bridge reads pin and verify the opened file before returning bytes Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact A time-of-check/time-of-use race around OpenShell sandbox filesystem reads could let a...
PT-2026-38245
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description A time-of-check/time-of-use TOCTOU race condition exists in OpenShell sandbox filesystem writes. This flaw allows attackers to use symlink swaps during filesystem operations to bypass sandbox...
PT-2026-38246
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description A time-of-check/time-of-use TOCTOU race condition exists in the OpenShell filesystem bridge. This issue allows attackers to use symlink swaps during filesystem operations to bypass sandbox...