CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26329

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, authenticated attackers can read arbitrary files from the Gateway host by supplying absolute paths or path traversal sequences to the browser tool's `upload` action. The server passed these paths to Playwright's `setInputFiles()` APIs without restricting them to a safe root. An attacker must reach the Gateway HTTP surface (or otherwise invoke the same browser control hook endpoints); present valid Gateway auth (bearer token / password), as required by the Gateway configuration (In common default setups, the Gateway binds to loopback and the onboarding wizard generates a gateway token even for loopback); and have the `browser` tool permitted by tool policy for the target session/context (and have browser support enabled). If an operator exposes the Gateway beyond loopback (LAN/tailnet/custom bind, reverse proxy, tunnels, etc.), the impact increases accordingly. Starting in version 2026.2.14, the upload paths are now confined to OpenClaw's temp uploads root (`DEFAULT_UPLOAD_DIR`) and traversal/escape paths are rejected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.7%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2026-26329

Openclaw » Openclaw » Version: 0.1.0

cpe:2.3:a:openclaw:openclaw:0.1.0
Openclaw » Openclaw » Version: 0.1.1

cpe:2.3:a:openclaw:openclaw:0.1.1
Openclaw » Openclaw » Version: 0.1.2

cpe:2.3:a:openclaw:openclaw:0.1.2
Openclaw » Openclaw » Version: 0.1.3

cpe:2.3:a:openclaw:openclaw:0.1.3
Openclaw » Openclaw » Version: 1.0.4

cpe:2.3:a:openclaw:openclaw:1.0.4
Openclaw » Openclaw » Version: 1.1.0

cpe:2.3:a:openclaw:openclaw:1.1.0
Openclaw » Openclaw » Version: 1.2.0

cpe:2.3:a:openclaw:openclaw:1.2.0
Openclaw » Openclaw » Version: 1.2.1

cpe:2.3:a:openclaw:openclaw:1.2.1
Openclaw » Openclaw » Version: 1.2.2

cpe:2.3:a:openclaw:openclaw:1.2.2
Openclaw » Openclaw » Version: 1.3.0

cpe:2.3:a:openclaw:openclaw:1.3.0
Openclaw » Openclaw » Version: 2.0.0

cpe:2.3:a:openclaw:openclaw:2.0.0
Openclaw » Openclaw » Version: 2026.1.10

cpe:2.3:a:openclaw:openclaw:2026.1.10
Openclaw » Openclaw » Version: 2026.1.11

cpe:2.3:a:openclaw:openclaw:2026.1.11
Openclaw » Openclaw » Version: 2026.1.11-1

cpe:2.3:a:openclaw:openclaw:2026.1.11-1
Openclaw » Openclaw » Version: 2026.1.11-2

cpe:2.3:a:openclaw:openclaw:2026.1.11-2
Openclaw » Openclaw » Version: 2026.1.11-3

cpe:2.3:a:openclaw:openclaw:2026.1.11-3
Openclaw » Openclaw » Version: 2026.1.11-4

cpe:2.3:a:openclaw:openclaw:2026.1.11-4
Openclaw » Openclaw » Version: 2026.1.111

cpe:2.3:a:openclaw:openclaw:2026.1.111
Openclaw » Openclaw » Version: 2026.1.112

cpe:2.3:a:openclaw:openclaw:2026.1.112
Openclaw » Openclaw » Version: 2026.1.113

cpe:2.3:a:openclaw:openclaw:2026.1.113
Openclaw » Openclaw » Version: 2026.1.12

cpe:2.3:a:openclaw:openclaw:2026.1.12
Openclaw » Openclaw » Version: 2026.1.12-1

cpe:2.3:a:openclaw:openclaw:2026.1.12-1
Openclaw » Openclaw » Version: 2026.1.12-2

cpe:2.3:a:openclaw:openclaw:2026.1.12-2
Openclaw » Openclaw » Version: 2026.1.122

cpe:2.3:a:openclaw:openclaw:2026.1.122
Openclaw » Openclaw » Version: 2026.1.13

cpe:2.3:a:openclaw:openclaw:2026.1.13
Openclaw » Openclaw » Version: 2026.1.14-1

cpe:2.3:a:openclaw:openclaw:2026.1.14-1
Openclaw » Openclaw » Version: 2026.1.141

cpe:2.3:a:openclaw:openclaw:2026.1.141
Openclaw » Openclaw » Version: 2026.1.15

cpe:2.3:a:openclaw:openclaw:2026.1.15
Openclaw » Openclaw » Version: 2026.1.16-1

cpe:2.3:a:openclaw:openclaw:2026.1.16-1
Openclaw » Openclaw » Version: 2026.1.16-2

cpe:2.3:a:openclaw:openclaw:2026.1.16-2
Openclaw » Openclaw » Version: 2026.1.162

cpe:2.3:a:openclaw:openclaw:2026.1.162
Openclaw » Openclaw » Version: 2026.1.20

cpe:2.3:a:openclaw:openclaw:2026.1.20
Openclaw » Openclaw » Version: 2026.1.20-1

cpe:2.3:a:openclaw:openclaw:2026.1.20-1
Openclaw » Openclaw » Version: 2026.1.20-2

cpe:2.3:a:openclaw:openclaw:2026.1.20-2
Openclaw » Openclaw » Version: 2026.1.21

cpe:2.3:a:openclaw:openclaw:2026.1.21
Openclaw » Openclaw » Version: 2026.1.21-1

cpe:2.3:a:openclaw:openclaw:2026.1.21-1
Openclaw » Openclaw » Version: 2026.1.21-2

cpe:2.3:a:openclaw:openclaw:2026.1.21-2
Openclaw » Openclaw » Version: 2026.1.22

cpe:2.3:a:openclaw:openclaw:2026.1.22
Openclaw » Openclaw » Version: 2026.1.23

cpe:2.3:a:openclaw:openclaw:2026.1.23
Openclaw » Openclaw » Version: 2026.1.23-1

cpe:2.3:a:openclaw:openclaw:2026.1.23-1
Openclaw » Openclaw » Version: 2026.1.24

cpe:2.3:a:openclaw:openclaw:2026.1.24
Openclaw » Openclaw » Version: 2026.1.24-1

cpe:2.3:a:openclaw:openclaw:2026.1.24-1
Openclaw » Openclaw » Version: 2026.1.24-2

cpe:2.3:a:openclaw:openclaw:2026.1.24-2
Openclaw » Openclaw » Version: 2026.1.24-3

cpe:2.3:a:openclaw:openclaw:2026.1.24-3
Openclaw » Openclaw » Version: 2026.1.241

cpe:2.3:a:openclaw:openclaw:2026.1.241
Openclaw » Openclaw » Version: 2026.1.29

cpe:2.3:a:openclaw:openclaw:2026.1.29
Openclaw » Openclaw » Version: 2026.1.30

cpe:2.3:a:openclaw:openclaw:2026.1.30
Openclaw » Openclaw » Version: 2026.1.4

cpe:2.3:a:openclaw:openclaw:2026.1.4
Openclaw » Openclaw » Version: 2026.1.4-1

cpe:2.3:a:openclaw:openclaw:2026.1.4-1
Openclaw » Openclaw » Version: 2026.1.5

cpe:2.3:a:openclaw:openclaw:2026.1.5
Openclaw » Openclaw » Version: 2026.1.5-1

cpe:2.3:a:openclaw:openclaw:2026.1.5-1
Openclaw » Openclaw » Version: 2026.1.5-2

cpe:2.3:a:openclaw:openclaw:2026.1.5-2
Openclaw » Openclaw » Version: 2026.1.5-3

cpe:2.3:a:openclaw:openclaw:2026.1.5-3
Openclaw » Openclaw » Version: 2026.1.51

cpe:2.3:a:openclaw:openclaw:2026.1.51
Openclaw » Openclaw » Version: 2026.1.52

cpe:2.3:a:openclaw:openclaw:2026.1.52
Openclaw » Openclaw » Version: 2026.1.53

cpe:2.3:a:openclaw:openclaw:2026.1.53
Openclaw » Openclaw » Version: 2026.1.8

cpe:2.3:a:openclaw:openclaw:2026.1.8
Openclaw » Openclaw » Version: 2026.1.8-1

cpe:2.3:a:openclaw:openclaw:2026.1.8-1
Openclaw » Openclaw » Version: 2026.1.8-2

cpe:2.3:a:openclaw:openclaw:2026.1.8-2
Openclaw » Openclaw » Version: 2026.1.9

cpe:2.3:a:openclaw:openclaw:2026.1.9
Openclaw » Openclaw » Version: 2026.2.0

cpe:2.3:a:openclaw:openclaw:2026.2.0
Openclaw » Openclaw » Version: 2026.2.1

cpe:2.3:a:openclaw:openclaw:2026.2.1
Openclaw » Openclaw » Version: 2026.2.12

cpe:2.3:a:openclaw:openclaw:2026.2.12
Openclaw » Openclaw » Version: 2026.2.13

cpe:2.3:a:openclaw:openclaw:2026.2.13
Openclaw » Openclaw » Version: 2026.2.2

cpe:2.3:a:openclaw:openclaw:2026.2.2
Openclaw » Openclaw » Version: 2026.2.2-1

cpe:2.3:a:openclaw:openclaw:2026.2.2-1
Openclaw » Openclaw » Version: 2026.2.2-2

cpe:2.3:a:openclaw:openclaw:2026.2.2-2
Openclaw » Openclaw » Version: 2026.2.2-3

cpe:2.3:a:openclaw:openclaw:2026.2.2-3
Openclaw » Openclaw » Version: 2026.2.3

cpe:2.3:a:openclaw:openclaw:2026.2.3
Openclaw » Openclaw » Version: 2026.2.3-1

cpe:2.3:a:openclaw:openclaw:2026.2.3-1
Openclaw » Openclaw » Version: 2026.2.6

cpe:2.3:a:openclaw:openclaw:2026.2.6
Openclaw » Openclaw » Version: 2026.2.6-1

cpe:2.3:a:openclaw:openclaw:2026.2.6-1
Openclaw » Openclaw » Version: 2026.2.6-2

cpe:2.3:a:openclaw:openclaw:2026.2.6-2
Openclaw » Openclaw » Version: 2026.2.6-3

cpe:2.3:a:openclaw:openclaw:2026.2.6-3
Openclaw » Openclaw » Version: 2026.2.9

cpe:2.3:a:openclaw:openclaw:2026.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26329

Products

Pricing

Contact Us