Description
OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing malicious code or accessing sensitive data.
Published: 2026-06-11
Score: 7.3 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw prior to version 2026.4.25 is affected by a path traversal flaw in the memory-core artifact loading routine, where the current workspace state is used to resolve the local package root. Attackers who have access to a vulnerable workspace can cause the loader to resolve artifacts from unintended local directories. This enables the execution of arbitrary code or the disclosure of sensitive data residing on the host. The weakness is classified as CWE-427 (Uncontrolled Search Path Element), reflecting that workspace state can influence where the loader searches for the package root.

Affected Systems

Any deployment of OpenClaw built with a version older than 2026.4.25, regardless of the runtime environment, is susceptible when the default workspace configuration is in use. The problem is present in all setups that rely on the memory-core artifact loader for local package resolution.

Risk and Exploitability

The CVSS score of 7.3 denotes high severity, indicating that exploitation can have serious consequences. The EPSS score is not available, so the likelihood of exploitation cannot be quantified, and the absence of a KEV listing indicates that there is no current evidence of large-scale exploitation of this vulnerability. Exploitation requires the attacker to already possess workspace access (the CVSS vectors record a local attack vector with low privileges required), which could be obtained through compromise of an authenticated account, social engineering, or other means of acquiring privileges in a shared environment. Once such access is held, the attacker can trigger arbitrary code execution or data exposure via the affected artifact loader.

Generated by OpenCVE AI on June 11, 2026 at 21:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.4.25 or later, which removes the path traversal flaw in memory-core artifact loading.
  • Restrict workspace permissions so that only trusted users can load or modify artifacts, limiting the attack surface.
  • If the memory-core artifact loading feature is not required, disable it or audit its use to prevent execution of locally stored artifacts.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:45:00 +0000

Type | Values Removed | Values Added
Description | - | OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing malicious code or accessing sensitive data.
Title | - | OpenClaw < 2026.4.25 - Arbitrary Artifact Loading via Fake Package Root Resolution
First Time appeared | - | Openclaw; Openclaw openclaw
Weaknesses | - | CWE-427
CPEs | - | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | - | Openclaw; Openclaw openclaw
References | - | -
Metrics | - | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 7.3, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-11T20:08:11.982Z

Reserved: 2026-06-10T21:14:38.834Z

Link: CVE-2026-53813

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-11T21:16:23.440

Modified: 2026-06-11T21:16:23.440

Link: CVE-2026-53813

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T22:00:08Z

Weaknesses
  • CWE-427: Uncontrolled Search Path Element