CVE-2026-41397: OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal
(updated )
OpenShell Mirror Sync: Sandbox Escape via Unrestricted File Sync + Symlink Traversal
References
- github.com/advisories/GHSA-cwf8-44x6-32c2
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/3b9dab0ece4643a9643e6a45459f5c709d3ce320
- github.com/openclaw/openclaw/commit/c02ee8a3a4cb390b23afdf21317aa8b2096854d1
- github.com/openclaw/openclaw/releases/tag/v2026.3.31
- github.com/openclaw/openclaw/security/advisories/GHSA-cwf8-44x6-32c2
- nvd.nist.gov/vuln/detail/CVE-2026-41397
- www.vulncheck.com/advisories/openclaw-sandbox-escape-via-unrestricted-file-sync-and-symlink-traversal
Code Behaviors & Features
Detect and mitigate CVE-2026-41397 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →