Description
OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended directory. Attackers can craft malicious archives that, when extracted via skills install, hooks install, plugins install, or signal install commands, write files to arbitrary locations enabling persistence or code execution.
Published: 2026-03-05
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary file write leading to potential code execution
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a path traversal flaw during archive extraction in installation commands. Attackers can create a malicious archive that, when processed by skills install, hooks install, plugins install, or signal install, writes files outside the intended directory. This allows modification of arbitrary files and can enable persistence or remote code execution.

Affected Systems

The affected software is OpenClaw. Versions 2026.1.16-2 up to but not including 2026.2.14 are vulnerable. All installations relying on the listed installation commands fall into scope.

Risk and Exploitability

The CVSS score is 6.8, indicating a moderate severity, while the EPSS score is less than 1%, suggesting low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to supply the crafted archive and trigger an installation command. The attack vector is therefore likely to be within environments where installation commands are executed without strict validation of source archives.

Generated by OpenCVE AI on April 16, 2026 at 11:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.14 or later to remove the path traversal flaw
  • Restrict installation commands to trusted archives only, ensuring source authenticity and integrity before extraction
  • Limit filesystem permissions for critical directories to prevent unauthorized writes from installation processes

Generated by OpenCVE AI on April 16, 2026 at 11:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-v892-hwpg-jwqp OpenClaw vulnerable to path traversal (Zip Slip) in archive extraction during explicit installation commands
History

Wed, 11 Mar 2026 01:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openclaw:openclaw:2026.1.16-2:*:*:*:*:node.js:*:*

Mon, 09 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 22:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

 cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L'}

Thu, 05 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Description OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended directory. Attackers can craft malicious archives that, when extracted via skills install, hooks install, plugins install, or signal install commands, write files to arbitrary locations enabling persistence or code execution.
Title OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-22
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-09T20:39:47.531Z

Reserved: 2026-02-27T19:21:20.347Z

Link: CVE-2026-28486

cve-icon Vulnrichment

Updated: 2026-03-09T20:39:43.273Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T22:16:23.640

Modified: 2026-03-11T01:15:08.877

Link: CVE-2026-28486

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T12:00:11Z

Weaknesses