Path traversal in OpenClaw - CVE-2026-22171

Published: May 4, 2026


Vulnerability identifier: #VU129403
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-22171
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote user to write arbitrary files.

The vulnerability exists due to path traversal in extensions/feishu/src/media.ts when building temporary file paths from untrusted Feishu media keys. A remote user can supply specially crafted media key values to write arbitrary files.

Exploitation is limited to locations writable by the OpenClaw process and requires that the attacker control the Feishu media key values returned to the client.
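The following TypeScript is an illustration added to this advisory, not code from OpenClaw or from extensions/feishu/src/media.ts. It contrasts the general pattern behind CWE-22 in this report (an untrusted media key used directly as a temporary file path component) with two hardened alternatives: an allowlist check on the key followed by a containment check on the resolved path, and deriving the file name from a hash so the key never reaches the filesystem at all. The base directory, function names, key character set and length limit are all assumptions for the example.

```typescript
import * as path from "node:path";
import { createHash } from "node:crypto";

// Assumed base directory for temporary media files (hypothetical; not OpenClaw's actual path).
export const TMP_DIR = path.resolve("/tmp/feishu-media");

// Vulnerable pattern (CWE-22): the untrusted media key becomes a path component as-is,
// so a key containing ".." segments resolves to a location outside TMP_DIR.
export function unsafeTempPath(mediaKey: string): string {
  return path.join(TMP_DIR, mediaKey);
}

// Returns true when a candidate path resolves to a location outside TMP_DIR.
// Using path.relative avoids the classic mistake of a bare string prefix check
// (which would accept "/tmp/feishu-media-evil/x" as inside "/tmp/feishu-media").
export function escapesBase(candidate: string): boolean {
  const rel = path.relative(TMP_DIR, path.resolve(candidate));
  if (rel === "") return false; // the base directory itself
  return path.isAbsolute(rel) || rel === ".." || rel.startsWith(".." + path.sep);
}

// Hardened pattern 1: allowlist the key's character set (no separators, no dots),
// then confirm the resolved path is still inside TMP_DIR before returning it.
// The allowed characters and the 128-character limit are assumptions for this example.
const MEDIA_KEY_RE = /^[A-Za-z0-9_-]{1,128}$/;

export function safeTempPath(mediaKey: string): string | null {
  if (!MEDIA_KEY_RE.test(mediaKey)) return null;
  const candidate = path.resolve(TMP_DIR, mediaKey);
  return escapesBase(candidate) ? null : candidate;
}

// Hardened pattern 2: never use the untrusted key as a file name at all. Derive the
// name from a SHA-256 hash of the key, so any key, however crafted, maps to a
// fixed-format name inside TMP_DIR.
export function derivedTempPath(mediaKey: string): string {
  const name = createHash("sha256").update(mediaKey, "utf8").digest("hex");
  return path.join(TMP_DIR, name + ".bin");
}

// Constructed sample keys: one ordinary-looking key and one carrying a traversal segment.
const sampleKeys = ["file_v3_abc-123", "../outside.txt"];
for (const key of sampleKeys) {
  console.log(
    JSON.stringify(key),
    "unsafe escapes base:", escapesBase(unsafeTempPath(key)),
    "| allowlisted:", safeTempPath(key),
    "| derived:", derivedTempPath(key),
  );
}
```

The containment check in escapesBase is what turns an allowlist into defence in depth: even if the allowlist is later loosened to admit dots or separators, a key that resolves outside the base directory is still refused. The hash-derived variant is the simplest fix when the original key does not need to be recoverable from the file name.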


How to mitigate CVE-2026-22171

Install the security update from the vendor's website.

Sources