6.9
OpenClaw Sandbox Bypass on Symlinked Paths
GHSA-m8v2-6wwh-r4gc
CVE-2026-27523
Summary
A path-validation flaw in OpenClaw's sandbox bind handling allows a bind source that appears to sit inside an allowed root to resolve outside the sandbox once a missing leaf component is created beneath a symlinked parent directory. This issue affects OpenClaw versions up to and including 2026.2.23. To fix the issue, update to version 2026.2.24 or later, and run 'pnpm check' or the project's other verification tests to confirm the fix is in place.
What to do
- Update steipete openclaw to version 2026.2.24 or later.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| steipete | openclaw | < 2026.2.24 | 2026.2.24 |
Original title
OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-exis...
Original description
OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-existent leaf paths. Attackers can craft bind source paths that appear within allowed roots but resolve outside sandbox boundaries once missing leaf components are created, weakening bind-source isolation enforcement.
CVSS 4.0 (OSV): 7.8
Vulnerability type
CWE-22: Path Traversal
CWE-59: Link Following
Published: 18 Mar 2026 · Updated: 18 Mar 2026 · First seen: 18 Mar 2026