2 matches found
OpenClaw < 2026.1.30 Path Traversal (GHSA-r8g4-86fx-92mq)
The version of the OpenClaw AI assistant installed on the remote host is prior to 2026.1.30. It is, therefore, affected by a path traversal vulnerability: - The isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory...
CVE-2026-25475
creationtimestamp| type| source ---|---|--- 2026-02-04 19:02:51+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-r8g4-86fx-92mq 2026-02-14 11:31:11+00:00| seen| https://gist.github.com/skalpers/f95a4a272ef2dcbe713610f863143d3b...