Link following in OpenClaw - CVE-2026-32013

 


Published: April 7, 2026


Vulnerability identifier: #VU125086
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-32013
CWE-ID: CWE-59
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote user to read and write arbitrary files on the host system.

The vulnerability exists due to improper link resolution before file access (CWE-59) in the gateway's agents.files.get and agents.files.set methods when the allowlisted workspace file they operate on is a symlink. The allowlist is enforced on the file name rather than on the resolved target, so a remote user with gateway access (low privileges per the CVSS vector) can use an allowlisted file such as AGENTS.md that is a symlink to a location outside the workspace to read and write arbitrary files on the host system.

Chained impact may include code execution on the host, depending on which files are overwritten through agents.files.set.


How to mitigate CVE-2026-32013

Install the security update from the vendor's website.

Sources