CVE-2026-32055 in OpenClawالمعلومات

الملخص

بحسب MITRE • 21/03/2026

OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check improperly resolves aliases, permitting the first write operation to escape the workspace boundary and create files in arbitrary locations.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

10/03/2026

إفشاء

21/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-352155

CPE

جاهز

CWE

CWE-22 (مؤكد)

CVSS

8.2 (NVD)

EPSS

0.00095

KEV

لا

النشاطات

منخفض جدًا

القطاع

Insurance, Lawfirm, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32055
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32055
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32055/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!