CVE-2026-32030: OpenClaw vulnerable to sensitive file disclosure via stageSandboxMedia
When iMessage remote attachment fetching is enabled (channels.imessage.remoteHost), stageSandboxMedia accepted arbitrary absolute paths and used SCP to copy them into local staging.
If a non-attachment path reaches this flow, files outside expected iMessage attachment directories on the remote host can be staged.
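One way to enforce the constraint described above before any SCP copy is attempted, as an added example that is not OpenClaw's code or its actual fix. The allowlisted root, the function names and the sample paths are assumptions constructed for illustration; the advisory does not name the real attachment directories.

```javascript
// Hypothetical allowlist: the advisory does not list the real attachment roots.
const ALLOWED_ROOTS = ["/Users/example/Library/Messages/Attachments"];

// Lexically normalize an absolute POSIX path ("." and ".." resolved).
// Returns null for non-strings, relative paths, or paths containing NUL.
function normalizePosix(p) {
  if (typeof p !== "string" || !p.startsWith("/") || p.includes("\0")) return null;
  const out = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return "/" + out.join("/");
}

// True only if the path, after normalization, is strictly inside an allowed root.
// Comparing against root + "/" rejects siblings such as ".../Attachments-old".
// Note: this is a lexical check; it cannot see symlinks on the remote host.
function isStageablePath(remotePath, roots = ALLOWED_ROOTS) {
  const norm = normalizePosix(remotePath);
  if (norm === null) return false;
  return roots.some((root) => {
    const r = normalizePosix(root);
    return r !== null && r !== "/" && norm.startsWith(r + "/");
  });
}

// Split candidate paths into those safe to hand to the copy step and those refused.
function partitionStagingRequests(paths, roots = ALLOWED_ROOTS) {
  const stage = [];
  const rejected = [];
  for (const p of paths) {
    if (isStageablePath(p, roots)) stage.push(normalizePosix(p));
    else rejected.push(p);
  }
  return { stage, rejected };
}

// Constructed sample input: one real attachment and several non-attachment paths.
const SAMPLE_PATHS = [
  "/Users/example/Library/Messages/Attachments/ab/12/photo.jpg",
  "/Users/example/.ssh/id_ed25519",
  "/Users/example/Library/Messages/Attachments/../../../.ssh/id_ed25519",
  "/Users/example/Library/Messages/Attachments-old/x.png",
  "relative/file.txt",
];
```

Because the check is purely lexical, a symlink inside the allowed root on the remote host would still need to be resolved and re-checked on that host.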