Description
OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended repository directory.
Published: 2026-05-05
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This defect permits a malicious actor to craft a path that resolves to a symbolic link outside the expected repository directory. When the marketplace repository handler processes the path, the link is followed and files outside the allowed root become readable or writable. The weakness stems from insufficient validation of the repository path, which can lead to disclosure of sensitive files or compromise of the repository’s integrity.

Affected Systems

The vulnerability affects OpenClaw version 2026.3.22 and all older releases prior to 2026.4.5. Users running those releases are at risk when they install or update marketplace repositories through the remote repository interface.

Risk and Exploitability

The CVSS base score of 6.0 denotes moderate severity. No EPSS value is currently available, and the vulnerability is not listed in the CISA KEV catalog. If an attacker can supply a custom symlink path to the remote marketplace handling logic, most likely via a remote request to the repository endpoint, the path traversal can be exploited to read arbitrary files on the host. Exploitation requires that the attacker succeed in submitting a crafted path; the vulnerability does not appear to allow arbitrary code execution, but it does carry significant confidentiality and integrity risk.

Generated by OpenCVE AI on May 5, 2026 at 12:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to 2026.4.5 or newer, which removes the symlink traversal flaw.
  • Implement strict validation on all repository paths to reject paths that contain symbolic links or attempt to escape the repository root.
  • Run the OpenClaw process with the minimum required filesystem permissions and monitor log files for unexpected symlink resolution events.

Advisories

No advisories yet.

History

Tue, 05 May 2026 11:45:00 +0000

Type                 Values Removed   Values Added
Description                           OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended repository directory.
Title                                 OpenClaw 2026.3.22 < 2026.4.5 - Symlink Traversal in Remote Marketplace Repository Path Handling
First Time appeared                   Openclaw; Openclaw openclaw
Weaknesses                            CWE-61
CPEs                                  cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products                    Openclaw; Openclaw openclaw
References
Metrics                               cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
                                      cvssV4_0 {'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-05T11:25:11.010Z

Reserved: 2026-05-01T16:58:23.117Z

Link: CVE-2026-43570

Vulnrichment

No data.

NVD

Status : Undergoing Analysis

Published: 2026-05-05T12:16:20.710

Modified: 2026-05-05T19:32:49.650

Link: CVE-2026-43570

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-05T12:45:24Z

Weaknesses