Main Vulnerability Database Vulnerabilities #VU125086

#VU125086 Link following in OpenClaw - CVE-2026-32013

Published: April 7, 2026

Vulnerability identifier: #VU125086

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2026-32013

CWE-ID: CWE-59

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
OpenClaw

Software vendor:
OpenClaw

Description

The vulnerability allows a remote user to read and write arbitrary files on the host system.

The vulnerability exists due to improper link resolution before file access in the gateway agents.files.get and agents.files.set methods when processing allowlisted workspace files that are symlinks. A remote user can use a symlinked allowlisted file such as AGENTS.md to access files outside the workspace and read and write arbitrary files on the host system.

Chained impact may include code execution depending on which files are overwritten.

Remediation

Install security update from vendor's website.

External links

https://github.com/openclaw/openclaw/security/advisories/GHSA-fgvx-58p6-gjwc

#VU125086 Link following in OpenClaw - CVE-2026-32013

Description

Remediation

External links

Please verify you're human