Vulnerability Description
OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs, read audio-like files, and embed them base64-encoded into webchat responses.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | < 2026.4.15 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/commit/6e58f1f9f54bca1fea1268ec0ee4c01a2af0Patch
- https://github.com/openclaw/openclaw/security/advisories/GHSA-gfg9-5357-hv4cThird Party Advisory
- https://www.vulncheck.com/advisories/openclaw-arbitrary-local-file-read-via-webcThird Party AdvisoryPatch
FAQ
What is CVE-2026-44996?
CVE-2026-44996 is a vulnerability with a CVSS score of 3.7 (LOW). OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence age...
How severe is CVE-2026-44996?
CVE-2026-44996 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-44996?
Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.