CVSS score: 7.5

OpenClaw Feishu Extension Can Expose Local Files

CVE-2026-26321 GHSA-8jpq-5h99-ff5r
Summary

If an attacker can trick the OpenClaw Feishu extension into loading a file path of their choosing, they may be able to access and steal sensitive files from your computer. This issue is fixed in version 2026.2.14 and later. Upgrade to the latest version of OpenClaw to stay secure.

What to do
  • Update steipete openclaw to version 2026.2.14.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| steipete | openclaw | <= 2026.2.14 | 2026.2.14 |
| openclaw | openclaw | <= 2026.2.14 | – |
Original title
OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension
Original description
### Summary
The Feishu extension previously allowed `sendMediaFeishu` to treat attacker-controlled `mediaUrl` values as local filesystem paths and read them directly.

### Affected versions
- `< 2026.2.14`

### Patched versions
- `>= 2026.2.14`

### Impact
If an attacker can influence tool calls (directly or via prompt injection), they may be able to exfiltrate local files by supplying paths such as `/etc/passwd` as `mediaUrl`.

### Remediation
Upgrade to OpenClaw `2026.2.14` or newer.

### Notes
The fix removes direct local file reads from this path and routes media loading through hardened helpers that enforce local-root restrictions.
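
The contrast between a direct read and a root-restricted helper, as an added JavaScript example. This is not OpenClaw's code: the function names `loadMediaUnsafe`, `loadMediaRestricted` and `demo`, and the temporary file layout, are hypothetical and constructed for illustration.

```javascript
// Added illustration, not OpenClaw source; all names are hypothetical.
const fs = require("fs");
const os = require("os");
const path = require("path");

// Unsafe pattern described in the advisory: the caller-supplied value is
// used as a filesystem path and read directly.
function loadMediaUnsafe(mediaUrl) {
  return fs.readFileSync(mediaUrl);
}

// Hardened pattern: local reads are confined to one allowed root directory.
function loadMediaRestricted(mediaUrl, allowedRoot) {
  if (/^https?:\/\//i.test(mediaUrl)) {
    return { kind: "remote", url: mediaUrl }; // fetched elsewhere, never read from disk
  }
  // realpathSync resolves "..", absolute overrides and symlinks, so the
  // containment check runs on the file that would really be opened.
  const root = fs.realpathSync(allowedRoot);
  const real = fs.realpathSync(path.resolve(root, mediaUrl));
  const rel = path.relative(root, real);
  if (rel === "" || rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error("media path outside allowed root");
  }
  return { kind: "local", data: fs.readFileSync(real) };
}

// Constructed sample tree: <tmp>/media/ok.txt is allowed, <tmp>/secret.txt is not.
function demo() {
  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), "media-demo-"));
  const root = path.join(tmp, "media");
  const secret = path.join(tmp, "secret.txt");
  fs.mkdirSync(root);
  fs.writeFileSync(path.join(root, "ok.txt"), "image-bytes");
  fs.writeFileSync(secret, "token=constructed");
  fs.symlinkSync(secret, path.join(root, "link.txt")); // symlink escaping the root
  const attempts = ["ok.txt", "../secret.txt", secret, "link.txt"];
  const outcome = attempts.map((p) => {
    try { loadMediaRestricted(p, root); return "allowed"; }
    catch { return "blocked"; }
  });
  const leaked = loadMediaUnsafe(secret).toString(); // the direct read succeeds
  fs.rmSync(tmp, { recursive: true, force: true });
  return { outcome, leaked };
}
```

Comparing the resolved real path, not the raw string, is what stops the symlink case; a prefix check on the unresolved input would let `link.txt` through.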

---

Fix commit 5b4121d60 confirmed on main and in v2026.2.14. Upgrade to `openclaw >= 2026.2.14`.
NVD CVSS 3.1 score: 7.5
Vulnerability type
CWE-22 Path Traversal
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026