Vulnerability Description
OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypass workspace boundary checks. An attacker with workspace write access can race-condition swap the target file between validation and preflight read, causing the validator to inspect a different file identity than the one that passed the initial boundary check.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | < 2026.4.10 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/commit/b024fae9e5df43e9b69b2daebb72be3469d5Patch
- https://github.com/openclaw/openclaw/security/advisories/GHSA-gj9q-8w99-mp8jVendor Advisory
- https://www.vulncheck.com/advisories/openclaw-time-of-check-time-of-use-toctou-rThird Party Advisory
FAQ
What is CVE-2026-43529?
CVE-2026-43529 is a vulnerability with a CVSS score of 2.5 (LOW). OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypass workspace boundary checks. An attacke...
How severe is CVE-2026-43529?
CVE-2026-43529 has been rated LOW with a CVSS base score of 2.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-43529?
Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.