CVE-2026-43567

EUVD-2026-27285
OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screen_record tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Affected Products (NVD)
VendorProductVersion
openclawopenclaw
𝑥
< 2026.4.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://github.com/openclaw/openclaw/commit/635bb35b68d8faa5bfa2fda35feadd315122748a
https://github.com/openclaw/openclaw/security/advisories/GHSA-jf25-7968-h2h5
https://www.vulncheck.com/advisories/openclaw-path-traversal-in-screen-record-outpath-parameter