CVE-2026-32013 · HIGH 8.8 · EPSS percentile 45.8%

CVE-2026-32013

Description

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. An attacker who can place a symlink at the path of an allowlisted file can read or write arbitrary host files with the permissions of the gateway process, potentially enabling code execution by overwriting files.
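The pattern behind CWE-59 here is an allowlist that is checked by name only, so a symlink with an allowlisted name is followed wherever it points. The added example below (not OpenClaw's code; the allowlist names, workspace layout and function names are assumptions) contrasts that check with one that refuses symlinks and requires the resolved path to stay under the workspace root.

```python
"""Added example: name-only allowlist vs. canonicalised containment check."""
import os
import tempfile

ALLOWLIST = {"notes.md", "config.json"}   # hypothetical allowlisted file names


def naive_open_path(workspace: str, name: str) -> str:
    """Allowlist by name only; a symlink named notes.md is followed anywhere (the flaw pattern)."""
    if name not in ALLOWLIST:
        raise PermissionError(name)
    return os.path.join(workspace, name)


def safe_open_path(workspace: str, name: str) -> str:
    """Allowlist by name, reject symlinks, and require the resolved path to stay in the workspace.

    Note: a path check alone is racy (TOCTOU); production code should additionally open
    the file with O_NOFOLLOW so the kernel enforces the same rule at open time.
    """
    if name not in ALLOWLIST:
        raise PermissionError(name)
    root = os.path.realpath(workspace)
    candidate = os.path.join(root, name)
    if os.path.islink(candidate):
        raise PermissionError(f"{name}: symlinks are not allowed in the workspace")
    resolved = os.path.realpath(candidate)   # also resolves symlinked parent directories
    if os.path.commonpath([root, resolved]) != root:
        raise PermissionError(f"{name}: resolves outside the workspace")
    return resolved


def demo() -> dict:
    """Constructed workspace: an allowlisted name is a symlink to a file outside it."""
    with tempfile.TemporaryDirectory() as tmp:
        host_secret = os.path.join(tmp, "host_secret.txt")      # stands in for a host file
        with open(host_secret, "w") as f:
            f.write("outside the workspace\n")
        ws = os.path.join(tmp, "workspace")
        os.mkdir(ws)
        with open(os.path.join(ws, "config.json"), "w") as f:
            f.write("{}\n")                                      # legitimate regular file
        os.symlink(host_secret, os.path.join(ws, "notes.md"))    # allowlisted name -> host file
        with open(naive_open_path(ws, "notes.md")) as f:
            leaked = f.read()                                    # naive check follows the link
        try:
            safe_open_path(ws, "notes.md")
            blocked = False
        except PermissionError:
            blocked = True
        return {
            "naive_reads_host_file": leaked.startswith("outside"),
            "safe_blocks_symlink": blocked,
            "safe_allows_regular": safe_open_path(ws, "config.json").endswith("config.json"),
        }
```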

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.64% probability of exploitation · percentile 45.8% · 2026-06-19T12:03:05Z
Published: 2026-03-19
Last modified: 2026-03-23

Underlying weaknesses · 1

CWE-59

References

  1. https://github.com/openclaw/openclaw/commit/125f4071bcbc0de32e769940d07967db47f09d3d
  2. https://github.com/openclaw/openclaw/security/advisories/GHSA-fgvx-58p6-gjwc
  3. https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-agents-files-methods


Type      Target                                                              Confidence  Tier
Weakness  Improper Link Resolution Before File Access ('Link Following'), cwe-59  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-41397
CVE: CVE-2026-41364
CVE: CVE-2026-32055
CVE: CVE-2026-32007
CVE: CVE-2026-32060
CVE: CVE-2026-33573
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.