CVE-2026-32026: Temporary path handling could write outside OpenClaw temp boundary
Sandbox media local-path validation accepted absolute paths under host tmp, even when those paths were outside the active sandbox root.
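The class of check described above, as an added Node.js example that is not OpenClaw's code: a validator that accepts any absolute path under the host temp directory, beside one that resolves symlinks and requires containment in the active sandbox root (the symlink case goes beyond what the advisory states). All function names and the fixture layout are assumptions made for illustration.

```javascript
// Added illustration; not OpenClaw's code. All names here are hypothetical.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// True when `child` is `parent` itself or lies beneath it (no ".." escape).
function isInside(parent, child) {
  const rel = path.relative(parent, child);
  if (rel === "") return true;
  return rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
}

// Flawed pattern: any absolute path under the host temp directory passes,
// regardless of which sandbox root is active.
function laxAllows(candidate) {
  return path.isAbsolute(candidate) &&
    isInside(fs.realpathSync(os.tmpdir()), path.resolve(candidate));
}

// Hardened pattern: resolve symlinks first, then require containment in the
// active sandbox root. Paths that do not exist are rejected.
function strictAllows(sandboxRoot, candidate) {
  try {
    const root = fs.realpathSync(sandboxRoot);
    const real = fs.realpathSync(path.resolve(root, candidate));
    return isInside(root, real);
  } catch {
    return false;
  }
}

// Constructed fixture: a sandbox root and a sibling file, both under host tmp.
function buildFixture() {
  const base = fs.mkdtempSync(path.join(fs.realpathSync(os.tmpdir()), "tmp-demo-"));
  const sandboxRoot = path.join(base, "sandbox");
  fs.mkdirSync(sandboxRoot);
  const inside = path.join(sandboxRoot, "media.png");
  const outside = path.join(base, "other-session.txt");
  fs.writeFileSync(inside, "in");
  fs.writeFileSync(outside, "out");
  const link = path.join(sandboxRoot, "link.txt"); // symlink leaving the sandbox
  fs.symlinkSync(outside, link);
  return { base, sandboxRoot, inside, outside, link };
}
```

The lax check passes the sibling file because it only compares against the host temp directory; the strict check rejects it, and also rejects the symlink whose target leaves the sandbox root.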
References
- github.com/advisories/GHSA-33hm-cq8r-wc49
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/79a7b3d22ef92e36a4031093d80a0acb0d82f351
- github.com/openclaw/openclaw/commit/d3da67c7a9b463edc1a9b1c1f7af107a34ca32f5
- github.com/openclaw/openclaw/commit/def993dbd843ff28f2b3bad5cc24603874ba9f1e
- github.com/openclaw/openclaw/security/advisories/GHSA-33hm-cq8r-wc49
- nvd.nist.gov/vuln/detail/CVE-2026-32026
- www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-improper-temporary-path-validation-in-sandbox