Description
OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInput function that bypasses file-system sandbox restrictions. Attackers can exploit improper path resolution during upload_image operations to read arbitrary files outside configured localRoots boundaries.
Published: 2026-04-27
Score: 6.0 Medium (CVSS v4.0; CVSS v3.1 scores it 5.3)
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read
Action: Patch
AI Analysis

Impact

OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal flaw (CWE-22) in the Feishu extension's resolveUploadInput function that bypasses the file-system sandbox. By supplying a crafted value through the upload_image parameter, an attacker can make the function resolve a path outside the configured localRoots and read any file the OpenClaw process itself can read. The vulnerability affects confidentiality only: both CVSS vectors record no integrity or availability impact, and the record describes no code-execution or denial-of-service vector.

Affected Systems

The affected product is OpenClaw, from the vendor of the same name. Versions from 2026.2.6 up to and including 2026.3.24 are vulnerable; the record's title ("2026.2.6 < 2026.3.28") indicates that 2026.3.28 is the first release outside the affected range. The CPE's target-software field (node.js) shows the application runs on Node.js; the CVE lists no further platform constraints. The vulnerable code path is the Feishu extension's handling of upload_image input.

Risk and Exploitability

CVSS v4.0 scores the flaw 6.0 (Medium) and CVSS v3.1 scores it 5.3. Both vectors describe a network-reachable, high-complexity attack that requires low privileges and no user interaction (AV:N/AC:H/PR:L/UI:N) and yields a high confidentiality impact with no integrity or availability impact. EPSS is below 1% (very low), the SSVC assessment records no known exploitation, rates the flaw as not automatable and its technical impact as partial, and the vulnerability is not listed in CISA's KEV catalog. The attack vector is a Feishu integration that accepts upload_image requests: an attacker who can supply or influence the upload_image payload can trigger the traversal and retrieve arbitrary files readable by the process. Because the flaw yields file reads rather than code execution, the direct risk is information disclosure, but exposed configuration, tokens or credentials could feed a broader attack chain.

Generated by OpenCVE AI on April 28, 2026 at 12:45 UTC.

Remediation

The CVE record carries no vendor advisory, fix reference or workaround. Its title states that versions below 2026.3.28 are affected, which implies 2026.3.28 is the first fixed release.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.3.28 or later, the first release outside the affected range named in the record's title.
  • If the upgrade cannot be applied immediately, disable the Feishu upload_image feature, or restrict localRoots to directories that hold no sensitive data and are not ancestors of configuration, key or credential files, until the update is scheduled.
  • Validate every file-path parameter strictly: resolve and normalize the user-supplied value, then verify with a path-relative containment check (not a string-prefix comparison) that the result stays inside the intended directory tree, and re-check the real path to defeat symlinks.


Advisories

No advisories yet.

History

Tue, 28 Apr 2026 15:15:00 +0000

Values Removed: (none)
Values Added:
  Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 27 Apr 2026 23:45:00 +0000

Values Removed: (none)
Values Added:
  Description: OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInput function that bypasses file-system sandbox restrictions. Attackers can exploit improper path resolution during upload_image operations to read arbitrary files outside configured localRoots boundaries.
  Title: OpenClaw 2026.2.6 < 2026.3.28 - Arbitrary File Read via Feishu upload_image Parameter
  First Time appeared: Openclaw; Openclaw openclaw
  Weaknesses: CWE-22
  CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
  Vendors & Products: Openclaw; Openclaw openclaw
  References: (none listed)
  Metrics: cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N'}
           cvssV4_0 {'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-28T15:01:20.038Z

Reserved: 2026-04-20T14:09:02.629Z

Link: CVE-2026-41363

Vulnrichment

Updated: 2026-04-28T15:01:16.135Z

NVD

Status : Analyzed

Published: 2026-04-28T00:16:25.250

Modified: 2026-04-28T18:46:23.563

Link: CVE-2026-41363

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T13:00:15Z

Weaknesses