OpenClaw: Unrestricted File Sync and Symlink Traversal Risks Malicious File Access

GHSA-cwf8-44x6-32c2
Summary

OpenClaw versions up to 2026.3.28 contain a flaw that lets an attacker read and manipulate files on the host system. The cause is unrestricted file syncing combined with the ability to plant symlinks inside the synced tree, which can be exploited to reach files outside the intended sandbox. To fix this issue, upgrade to version 2026.3.31 or later.

What to do
  • Update openclaw to version 2026.3.31.
Affected software
| Vendor   | Product  | Affected versions | Fix available |
|----------|----------|-------------------|---------------|
| openclaw | openclaw | <= 2026.3.28      | 2026.3.31     |
Original title
OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal
Original description
## Summary
OpenShell Mirror Sync: Sandbox Escape via Unrestricted File Sync + Symlink Traversal

## Current Maintainer Triage
- Status: narrow
- Normalized severity: high
- Assessment: v2026.3.28 still has the mirror-boundary bug, because the shipped commit c02ee8 only excluded hooks, while the unreleased commit 3b9dab is the first to fully harden upload and download against symlinks.

## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`

## Fix Commit(s)
- `c02ee8a3a4cb390b23afdf21317aa8b2096854d1` — 2026-03-25T19:59:07Z
- `3b9dab0ece4643a9643e6a45459f5c709d3ce320` — 2026-03-30T14:51:44+01:00

OpenClaw thanks @AntAISecurityLab for reporting.
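To illustrate the mitigation class the advisory describes (symlink-free upload and download, CWE-59), here is an added example that is not OpenClaw's own code: a mirror-sync walker that refuses any entry reachable through a symlink or resolving outside the sync root. The directory layout it builds is constructed for the demonstration; the function and file names are assumptions.

```python
import os
import tempfile
from pathlib import Path


def is_confined(root: str, rel: str) -> bool:
    """True only if `rel` stays inside `root` with no symlink in any component."""
    root_path = Path(root).resolve()
    rel_path = Path(rel)
    if rel_path.is_absolute() or ".." in rel_path.parts:
        return False
    # A lexical check is not enough: a symlink inside the mirror can point
    # anywhere on the host, so every component is inspected before resolving.
    cur = root_path
    for part in rel_path.parts:
        cur = cur / part
        if cur.is_symlink():  # refuse links to files AND to directories
            return False
    try:
        cur.resolve(strict=True).relative_to(root_path)
    except (OSError, ValueError):
        return False
    return True


def collect_sync_entries(root: str) -> list[str]:
    """Walk the mirror root and return only the relative paths safe to sync."""
    root_path = Path(root).resolve()
    allowed = []
    for dirpath, dirnames, filenames in os.walk(root_path):
        # prune symlinked directories in place so os.walk never descends into them
        dirnames[:] = [d for d in dirnames if not Path(dirpath, d).is_symlink()]
        for name in filenames:
            rel = str(Path(dirpath, name).relative_to(root_path))
            if is_confined(root, rel):
                allowed.append(rel)
    return sorted(allowed)


def build_demo_tree() -> str:
    """Constructed sample mirror: one real file, plus symlinks that escape the root."""
    outside = tempfile.mkdtemp(prefix="outside-")
    secret = Path(outside, "secret.txt")
    secret.write_text("must not be synced\n")
    root = tempfile.mkdtemp(prefix="mirror-")
    Path(root, "workspace").mkdir()
    Path(root, "workspace", "notes.md").write_text("ok\n")
    os.symlink(secret, Path(root, "workspace", "link-to-secret"))
    os.symlink(outside, Path(root, "linked-dir"))
    return root
```

Running `collect_sync_entries(build_demo_tree())` yields only `workspace/notes.md`; both the file symlink and the directory symlink are dropped, and the same check applied per requested path on the download side rejects `../` and absolute paths.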
GHSA CVSS 4.0 score: 8.7
Vulnerability type
CWE-59 Link Following
CWE-434 Unrestricted File Upload
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026