Description
OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context to child models.
Published: 2026-06-12
Score: 2.3 Low (CVSS v4.0; the CVSS v3.1 score recorded below is 4.3)
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises when OpenClaw spawns child sessions from sandboxed parents, causing the child prompts to reveal the full workspace path and related memory context. This leakage can expose sensitive directory information to an attacker, potentially aiding enumeration or further compromise. The weakness is a form of information disclosure, classified as CWE-668.

Affected Systems

OpenClaw versions prior to 2026.4.26, running on a Node.js environment, are susceptible. The sandboxed session spawning feature is the affected component.

Risk and Exploitability

The CVSS v4.0 score of 2.3 indicates low severity. No EPSS score is available, so the probability of exploitation cannot be estimated from it, and the vulnerability is not listed in CISA KEV. Based on the description, the likely attacker is a local or internal user able to spawn child sessions within a sandboxed context, possibly through compromised session credentials or social engineering; note, however, that both recorded CVSS vectors (AV:N, PR:L) rate the attack vector as network-reachable with low privileges.

Generated by OpenCVE AI on June 12, 2026 at 23:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw version 2026.4.26 or newer.
  • Restrict or disable sandboxed session spawning so that child prompts cannot learn the host workspace path or inherit the parent's memory context.
  • Enforce strict isolation of workspace paths so child sessions cannot read or reveal parent directory information.



Advisories

No advisories yet.

History

Fri, 12 Jun 2026 22:15:00 +0000

Values Removed: (none)

Values Added:

Description: OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context to child models.
Title: OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn
First Time appeared: Openclaw; Openclaw openclaw
Weaknesses: CWE-668
CPEs: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products: Openclaw; Openclaw openclaw
References: (none)
Metrics:
  cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}
  cvssV4_0: {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-12T21:56:52.937Z

Reserved: 2026-06-10T21:16:58.211Z

Link: CVE-2026-53826

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-12T22:16:53.913

Modified: 2026-06-12T22:16:53.913

Link: CVE-2026-53826

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-12T23:30:08Z

Weaknesses
  • CWE-668: Exposure of Resource to Wrong Sphere