CVE-2026-32036
OpenClaw gateway plugin (versions before 2026.2.26) is affected by a path traversal flaw in /api/channels that lets an attacker bypass route authentication by using encoded dot-segment traversal. The underlying issue arises when path normalization does not block alternate paths, enabling access t...