Path traversal in OpenClaw - #VU135886

 

Published: June 30, 2026


Vulnerability identifier: #VU135886
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-22
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software: OpenClaw

Detailed vulnerability description

The vulnerability allows a local user to bypass authorization or policy checks.

The vulnerability exists due to path traversal in sandbox bind mounts when processing lower-trust caller or configured input paths. A local user can supply a crafted input path to bypass authorization or policy checks.

Only instances where the affected feature is enabled and reachable are vulnerable, and practical impact depends on operator configuration and whether lower-trust input can reach the affected path.


Remediation

Install the security update from the vendor's website.
