CVE-2026-32054
OpenClaw versions prior to 2026.2.25 are affected by a symlink traversal vulnerability in browser trace and download output path handling, allowing a local attacker to escape the managed temp root and overwrite files outside the intended directory. The issue stems from how symlinks are resolved w...