9.4
OpenClaw: Files Accessed Outside of Safe Area
GHSA-cwf8-44x6-32c2
Summary
The OpenShell mirror sync in OpenClaw could be made to read or write files outside the mirror's safe area: files carried by the sync were not restricted to the mirror root, and symlinks were followed across its boundary, so a sandboxed process could reach the host filesystem and read or modify data there. The issue affects the `openclaw` npm package in versions before 2026.3.31 (the maintainers list <= 2026.3.28 as vulnerable and 2026.3.31 as the first release carrying the complete fix). Update to 2026.3.31 or later.
What to do
- Update the `openclaw` npm package to version 2026.3.31 or later.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | < 2026.3.31 | 2026.3.31 |
Original title
OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal
Original description
## Summary
OpenShell Mirror Sync: Sandbox Escape via Unrestricted File Sync + Symlink Traversal
## Current Maintainer Triage
- Status: narrow
- Normalized severity: high
- Assessment: v2026.3.28 still has the mirror-boundary bug, because the shipped commit c02ee8 only excluded hooks, while the unreleased 3b9dab is the first full symlink-free upload and download hardening.
## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`
## Fix Commit(s)
- `c02ee8a3a4cb390b23afdf21317aa8b2096854d1` — 2026-03-25T19:59:07Z
- `3b9dab0ece4643a9643e6a45459f5c709d3ce320` — 2026-03-30T14:51:44+01:00
OpenClaw thanks @AntAISecurityLab for reporting.
CVSS 4.0 (OSV): 9.4
Vulnerability type
- CWE-434: Unrestricted Upload of File with Dangerous Type
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
References
- Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-cwf8-44x6-32c2
- Fix commit: https://github.com/openclaw/openclaw/commit/3b9dab0ece4643a9643e6a45459f5c709d3c...
- Fix commit: https://github.com/openclaw/openclaw/commit/c02ee8a3a4cb390b23afdf21317aa8b20968...
- Product: https://github.com/openclaw/openclaw
- Release: https://github.com/openclaw/openclaw/releases/tag/v2026.3.31
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026