CVE-2026-32024 in OpenClawinformação

Sumário

de MITRE • 20/03/2026

OpenClaw versions prior to 2026.2.22 contain a symlink traversal vulnerability in avatar handling that allows attackers to read arbitrary files outside the configured workspace boundary. Remote attackers can exploit this by requesting avatar resources through gateway surfaces to disclose local files accessible to the OpenClaw process.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

10/03/2026

Divulgação

20/03/2026

Moderação

aceite

Entrada

VDB-351961

CPE

pronto

CWE

CWE-59 (confirmado)

CVSS

7.5 (NVD)

EPSS

0.00060

KEV

não

Atividades

muito baixo

Sector

Industry, Chemical, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32024
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32024
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32024/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!