Vulnerability Description
OpenClaw before 2026.3.28 contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath() and isValidMedia() functions. Attackers can exploit incomplete validation and the allowBareFilename bypass to reference files outside the intended application sandbox, resulting in disclosure of sensitive information including system files, environment files, and SSH keys.
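The description above names shape-based checks (does the string look like a local path or a valid media reference?) as the failing control. The following is an added example, not code from the OpenClaw repository, its fix, or its advisory: a deliberately weak check of that kind next to a hardened one that decides on the fully resolved path relative to a fixed media root. MEDIA_ROOT, weakIsLikelyLocalPath, weakResolveMedia and resolveMediaPath are hypothetical names chosen for illustration; the real isLikelyLocalPath() and isValidMedia() are not reproduced here.

```typescript
// Added example (not OpenClaw code): a weak "looks like a local path" check
// beside a hardened root-confinement check. POSIX path semantics are used
// explicitly so the behaviour is the same on every platform.
import * as path from "node:path";

// Hypothetical media directory; the real project's layout is not on the page.
const MEDIA_ROOT: string = path.posix.resolve("/srv/app/media");

// WEAK: inspects only the shape of the input string. It accepts absolute
// paths and "../" prefixes because they "look local", and a bare filename
// passes unconditionally when allowBareFilename is set. Nothing here ever
// asks where the path ends up once it is resolved.
function weakIsLikelyLocalPath(input: string, allowBareFilename = true): boolean {
  if (/^https?:\/\//i.test(input)) return false;
  if (allowBareFilename && !input.includes("/")) return true;
  return input.startsWith("/") || input.startsWith("./") || input.startsWith("../");
}

// WEAK caller: once the shape check passes, the input is resolved against the
// media root. path.resolve discards the root entirely for an absolute input,
// and "../" segments walk out of it, so the result can be any file on disk.
function weakResolveMedia(input: string): string | null {
  if (!weakIsLikelyLocalPath(input)) return null;
  return path.posix.resolve(MEDIA_ROOT, input);
}

// HARDENED: the decision is made on the resolved path, not on the input's
// shape. A bare filename is still allowed, but only because it resolves to a
// location inside the root; "../" and absolute inputs fail the same test.
function resolveMediaPath(input: string, root: string = MEDIA_ROOT): string | null {
  if (input.length === 0 || input.includes("\0")) return null;
  // Anything with a URL scheme (file:, http:, data:, ...) is not a local path.
  if (/^[a-z][a-z0-9+.-]*:/i.test(input)) return null;
  // Absolute paths and shell-style home expansion are never media references.
  if (path.posix.isAbsolute(input) || input.startsWith("~")) return null;

  const resolved = path.posix.resolve(root, input);
  const rel = path.posix.relative(root, resolved);
  // rel === ""       -> the root directory itself, not a file
  // rel === ".."     -> exactly one level up
  // rel starts "../" -> somewhere above the root
  // (a file literally named "..foo" inside the root is still accepted)
  if (rel === "" || rel === ".." || rel.startsWith("../")) return null;
  return resolved;
}

// Constructed inputs showing the difference; none of these are from the advisory.
const samples = ["cat.png", "sub/../cat.png", "../../../etc/passwd", "/etc/passwd", "file:///etc/passwd"];
for (const s of samples) {
  console.log(JSON.stringify(s), "weak:", weakResolveMedia(s), "hardened:", resolveMediaPath(s));
}
```

The hardened check still operates on strings only: if the media root can contain symlinks, confirm the final location with `fs.realpathSync` on the resolved path (after it exists) and repeat the relative-path test on the real path, otherwise a link inside the root can point back out of it.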
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | <= 2026.3.23 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/commit/4797bbc5b96e2cca5532e43b58915c051746 (Patch)
- https://github.com/openclaw/openclaw/pull/54642 (Exploit, Issue Tracking, Vendor Advisory)
- https://github.com/openclaw/openclaw/security/advisories/GHSA-f6pf-4gjx-c94r (Broken Link)
- https://www.vulncheck.com/advisories/openclaw-media-parsing-path-traversal-to-ar (Third Party Advisory)
FAQ
What is CVE-2026-32846?
CVE-2026-32846 is a vulnerability with a CVSS score of 7.5 (HIGH). OpenClaw before 2026.3.28 contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath() and isValidMedi...
How severe is CVE-2026-32846?
CVE-2026-32846 has been rated HIGH with a CVSS base score of 7.5/10. Only the base score and rating are listed on this page (see CVSS Score above); no CVSS vector string is given.
Is there a patch for CVE-2026-32846?
The description states that the issue is fixed in OpenClaw 2026.3.28; the references section above lists the patch commit, the pull request and the GitHub security advisory. The affected product is OpenClaw (vendor Openclaw). Note that the description says "before 2026.3.28" while the Affected Products table lists "<= 2026.3.23"; confirm the exact fixed version against the vendor advisory before relying on either bound.