Description
OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature that allows authenticated Gateway operators with operator.write scope to read local files outside intended ingest sources. Attackers with operator.write access can specify arbitrary local file paths to import file content into wiki memory, bypassing access restrictions.
Published: 2026-06-12
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature. An authenticated Gateway operator with the operator.write scope can specify any local file path when importing content into wiki memory, enabling disclosure of files outside the intended ingest sources. This can lead to confidential data exposure, including configuration files or system credentials, potentially allowing an attacker to compromise the host if other privileges are gained.

Affected Systems

The affected product is OpenClaw, all releases earlier than version 2026.4.7. No other vendors or product variants are listed.

Risk and Exploitability

The CVSS score is 7.1, indicating a high risk level. The EPSS score is not available, and the issue is not listed in CISA’s KEV catalog. The vulnerability requires authenticated access with operator.write scope; therefore the likely attack vector is an insider or compromised operator account. Once access is present, the attacker can directly read arbitrary files on the server by using the memory-wiki ingest functionality.

Generated by OpenCVE AI on June 12, 2026 at 23:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenClaw to version 2026.4.7 or later. This version contains the fix that blocks arbitrary file read via memory-wiki ingest.
  • Restrict the operator.write scope to only trusted users or services, and review operator permissions regularly.
  • Apply additional file system permissions or access controls so that the ingest process cannot read sensitive directories, reducing the potential impact of any remaining path traversal.

Advisories

No advisories yet.

History

Mon, 15 Jun 2026 18:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 12 Jun 2026 22:15:00 +0000

Type | Values Removed | Values Added
Description | | OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature that allows authenticated Gateway operators with operator.write scope to read local files outside intended ingest sources. Attackers with operator.write access can specify arbitrary local file paths to import file content into wiki memory, bypassing access restrictions.
Title | | OpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write Scope
First Time appeared | | Openclaw; Openclaw openclaw
Weaknesses | | CWE-22
CPEs | | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | | Openclaw; Openclaw openclaw
References | |
Metrics | | cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}; cvssV4_0 {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-15T17:24:55.964Z

Reserved: 2026-06-10T21:16:07.496Z

Link: CVE-2026-53825

Vulnrichment

Updated: 2026-06-15T17:24:51.929Z

NVD

Status : Analyzed

Published: 2026-06-12T22:16:53.767

Modified: 2026-06-16T02:49:17.403

Link: CVE-2026-53825

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-13T01:45:26Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')