CVE-2026-26972

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-26972

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-26972.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-26972

Aliases

GHSA-xwjm-j929-xq7c

Published

2026-02-19T23:08:44.670Z

Modified

2026-03-03T01:23:27.051774Z

Severity

6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

OpenClaw has a Path Traversal in Browser Download Functionality

Details

OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema (no download action). Exploitation requires authenticated CLI access or an authenticated gateway RPC token. Version 2026.2.13 fixes the issue.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/26xxx/CVE-2026-26972.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-22"
    ]
}

References

Affected packages

Git / github.com/openclaw/openclaw

Affected ranges

Type: GIT
Repo: https://github.com/openclaw/openclaw
Events: Introduced

9eab82b717665e12d9a834b097030d0878bb1b1d

Fixed

e91d957d7089d2ca9589255245eead0edddc16d5

Affected versions

v2026.*

v2026.1.12

v2026.1.12-2

v2026.1.13

v2026.1.14-1

v2026.1.15

v2026.1.16-2

v2026.1.20

v2026.1.21

v2026.1.22

v2026.1.23

v2026.1.24

v2026.1.24-1

v2026.1.29

v2026.1.30

v2026.2.1

v2026.2.12

v2026.2.2

v2026.2.3

v2026.2.6

v2026.2.6-1

v2026.2.6-2

v2026.2.6-3

v2026.2.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-26972.json"