CVE-2026-32024

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-32024

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32024.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-32024

Aliases

GHSA-rx3g-mvc3-qfjf

Published

2026-03-19T22:16:36.737Z

Modified

2026-04-02T13:24:15.825762Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

OpenClaw versions prior to 2026.2.22 contain a symlink traversal vulnerability in avatar handling that allows attackers to read arbitrary files outside the configured workspace boundary. Remote attackers can exploit this by requesting avatar resources through gateway surfaces to disclose local files accessible to the OpenClaw process.

References

Affected packages

Git / github.com/openclaw/openclaw

Affected ranges

Type: GIT
Repo: https://github.com/openclaw/openclaw
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3d0337504349954237d09e4d957df5cb844d5e77

Type: GIT
Repo: https://github.com/openclaw/openclaw
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2

Affected versions

v0.*

v0.1.0

v0.1.1

v0.1.2

v0.1.3

v1.*

v1.0.4

v1.1.0

v1.2.0

v1.2.1

v1.2.2

v1.3.0

v2.*

v2.0.0-beta1

v2.0.0-beta2

v2.0.0-beta3

v2.0.0-beta4

v2.0.0-beta5

v2026.*

v2026.1.10

v2026.1.11

v2026.1.11-1

v2026.1.11-2

v2026.1.11-3

v2026.1.12

v2026.1.12-2

v2026.1.13

v2026.1.14-1

v2026.1.15

v2026.1.16-2

v2026.1.20

v2026.1.21

v2026.1.22

v2026.1.23

v2026.1.24

v2026.1.24-1

v2026.1.29

v2026.1.30

v2026.1.5

v2026.1.5-1

v2026.1.5-2

v2026.1.5-3

v2026.1.8

v2026.1.9

v2026.2.1

v2026.2.12

v2026.2.13

v2026.2.14

v2026.2.15-beta.1

v2026.2.17

v2026.2.19

v2026.2.19-beta.1

v2026.2.2

v2026.2.21

v2026.2.21-beta.1

v2026.2.3

v2026.2.6

v2026.2.6-1

v2026.2.6-2

v2026.2.6-3

v2026.2.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32024.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "gateway"
            }
        ]
    }
]