CVE-2026-35658: OpenClaw: Image Tool `tools.fs.workspaceOnly` Bypass via Sandbox Bridge Mounts
The image tool did not fully honor the `tools.fs.workspaceOnly` filesystem boundary. In affected releases, image-path resolution could still traverse sandbox bridge mounts outside the workspace and read files from mounted directories that the other file tools would reject.
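The boundary the advisory describes, as an added example that is not OpenClaw's own code: one workspaceOnly guard shared by every file-reading tool, so the image tool cannot resolve paths differently from the other file tools. The workspace root, the bridge mount table and all function names are constructed for illustration; real mount discovery and symlink canonicalization are outside this snippet.

```typescript
import * as path from "node:path";

// Constructed model (not OpenClaw's code): one workspace root plus "bridge"
// mounts that expose directories from outside the workspace inside the sandbox.
export interface BridgeMount { sandboxPath: string; hostPath: string }

export const WORKSPACE_ROOT = "/home/agent/workspace";
export const BRIDGE_MOUNTS: BridgeMount[] = [
  { sandboxPath: "/home/agent/workspace/shared", hostPath: "/srv/shared" }, // lexically inside the workspace
  { sandboxPath: "/mnt/host", hostPath: "/" },                              // outside it altogether
];

export type Decision = { ok: true; path: string } | { ok: false; reason: string };

/** True when `candidate` equals `root` or lies beneath it; both must be absolute and normalized. */
function isInside(root: string, candidate: string): boolean {
  const rel = path.posix.relative(root, candidate);
  // "images/..hidden" is a legitimate name, so test for a leading ".." segment, not a ".." prefix.
  return rel === "" || (rel !== ".." && !rel.startsWith("../") && !path.posix.isAbsolute(rel));
}

/** The bridge mount that would serve `sandboxAbs`, if any (longest prefix wins, like nested mounts). */
function mountCovering(sandboxAbs: string, mounts: BridgeMount[]): BridgeMount | undefined {
  return mounts
    .filter((m) => sandboxAbs === m.sandboxPath || sandboxAbs.startsWith(m.sandboxPath + "/"))
    .sort((a, b) => b.sandboxPath.length - a.sandboxPath.length)[0];
}

/**
 * Shared workspaceOnly guard: every file-reading tool (text reader, image loader, ...) routes
 * its path through here, so no single tool can drift from the policy. A production version
 * would also fold symlinks with fs.realpathSync first; a lexical check cannot see link targets.
 */
export function enforceWorkspaceOnly(requested: string, root = WORKSPACE_ROOT, mounts = BRIDGE_MOUNTS): Decision {
  const sandboxAbs = path.posix.resolve(root, requested); // collapses "." and ".." lexically
  if (!isInside(root, sandboxAbs)) {
    return { ok: false, reason: `${requested} resolves outside the workspace` };
  }
  // Lexically inside is not enough: a bridge mount can make an outside directory appear here.
  const mount = mountCovering(sandboxAbs, mounts);
  if (mount) {
    return { ok: false, reason: `${requested} is served by bridge mount ${mount.sandboxPath} -> ${mount.hostPath}` };
  }
  return { ok: true, path: sandboxAbs };
}

// Both tools call the same guard, so the image tool has no private resolution path to get wrong.
export const readTextPath = (p: string): Decision => enforceWorkspaceOnly(p);
export const readImagePath = (p: string): Decision => enforceWorkspaceOnly(p);
```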
References
- github.com/advisories/GHSA-cfp9-w5v9-3q4h
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/14baadda2c456f3cf749f1f97e8678746a34a7f4
- github.com/openclaw/openclaw/commit/dd9d9c1c609dcb4579f9e57bd7b5c879d0146b53
- github.com/openclaw/openclaw/security/advisories/GHSA-cfp9-w5v9-3q4h
- nvd.nist.gov/vuln/detail/CVE-2026-35658