CVE-2026-32020
EUVD-2026-1328819.03.2026, 22:16
OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read arbitrary files outside the intended root.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| openclaw | openclaw | 𝑥 < 2026.2.22 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.