CVE-2026-31990

6.1 MEDIUM
Published: March 19, 2026 Modified: March 19, 2026
View on NVD

Description

OpenClaw versions prior to 2026.3.2 contain a vulnerability in the stageSandboxMedia function in which it fails to validate destination symlinks during media staging, allowing writes to follow symlinks outside the sandbox workspace. Attackers can exploit this by placing symlinks in the media/inbound directory to overwrite arbitrary files on the host system outside sandbox boundaries.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/openclaw/openclaw/commit/17ede52a4be3034f6ec4b883ac6b81ad0101558a
Source: disclosure@vulncheck.com
Patch
https://github.com/openclaw/openclaw/security/advisories/GHSA-cfvj-7rx7-fc7c
Source: disclosure@vulncheck.com
Mitigation Vendor Advisory
https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-stagesandboxmedia-destination
Source: disclosure@vulncheck.com
Third Party Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
6.1 / 10.0
EPSS (Exploit Probability)
0.0%
2th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-59

Affected Vendors

openclaw

Related CVEs

CVE-2026-3550 5.3
CVE-2026-33192 N/A
CVE-2026-33080 7.3
CVE-2026-33075 N/A
CVE-2026-33072 8.2