Lucene search
K

15 matches found

CVE
CVE
added 2026/05/05 11:25 a.m.12 views

CVE-2026-43532

OpenClaw 2026.4.7

7.7CVSS5.8AI score0.00259EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/17 9:56 p.m.3 views

GHSA-C9H3-5P7R-MRJH OpenClaw: Discord event cover images bypassed sandbox media normalization

Summary Discord event cover images bypassed sandbox media normalization. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.7 = 2026.4.10 Impact Discord event cover image parameters could bypass the sandbox media normalization path used for outbound...

7.7CVSS5.7AI score0.00259EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.10 views

PT-2026-37017

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.4.7 through 2026.4.9 Description Failure to normalize Discord event cover image parameters in sandbox media processing allows attackers to bypass media normalization. This enables the injection of host-local media...

7.7CVSS5.8AI score0.00259EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/10 4:3 p.m.3 views

EUVD-2026-21482

OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl or fileUrl parameter keys. Attackers can exploit incomplete parameter validation in...

7.7CVSS5.9AI score0.00382EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-31990

OpenClaw versions prior to 2026.3.2 contain a vulnerability in the stageSandboxMedia function in which it fails to validate destination symlinks during media staging, allowing writes to follow symlinks outside the sandbox workspace. Attackers can exploit this by placing symlinks in the...

7.1CVSS5.9AI score0.00134EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-32026

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...

8.6CVSS5.9AI score0.00344EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.6 views

CVE-2026-32030

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...

8.2CVSS5.9AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/03/23 9:36 p.m.8 views

CVE-2026-32903

CVE-2026-32903 affects OpenClaw up to version 2026.3.2. A symlink traversal in stageSandboxMedia allows an attacker to follow unvalidated destination paths in media/inbound writes and overwrite host files outside the sandbox boundary. The issue is locally exploitable with low attack complexity an...

5.8AI score
Exploits0
NVD
NVD
added 2026/03/19 10:16 p.m.3 views

CVE-2026-32026

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...

8.6CVSS0.00344EPSS
Exploits0References5
OSV
OSV
added 2026/03/19 10:16 p.m.2 views

CVE-2026-32026

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...

6.5CVSS6AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/19 10:7 p.m.4 views

CVE-2026-32030 OpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path Traversal

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...

8.2CVSS5.9AI score0.00344EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/19 10:7 p.m.6 views

EUVD-2026-13300

OpenClaw versions prior to 2026.2.24 contain an improper path validation vulnerability in sandbox media handling that allows absolute paths under the host temporary directory outside the active sandbox root. Attackers can exploit this by providing malicious media references to read and exfiltrate...

7.1CVSS5.9AI score0.00344EPSS
Exploits0References5
CVE
CVE
added 2026/03/19 10:7 p.m.14 views

CVE-2026-32026

The CVE-2026-32026 issue affects OpenClaw before version 2026.2.24, where improper path validation in sandbox media handling permits access to absolute paths under the host temporary directory outside the active sandbox root. Exploitation via malicious media references in attachment delivery can ...

8.6CVSS5.9AI score0.00344EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/19 2:16 a.m.5 views

CVE-2026-31990

OpenClaw versions prior to 2026.3.2 contain a vulnerability in the stageSandboxMedia function in which it fails to validate destination symlinks during media staging, allowing writes to follow symlinks outside the sandbox workspace. Attackers can exploit this by placing symlinks in the...

7.1CVSS6AI score
Exploits0References3
OSV
OSV
added 2023/05/04 9:15 p.m.4 views

CVE-2023-21486

Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...

4.6CVSS5.8AI score0.0025EPSS
Exploits0References1
Rows per page
Query Builder