cvedb.io
CVE-2026-26972
MEDIUM · CVSS 6.7
EPSS exploitation probability: 0%
Published 2026-02-20T00:16:16.500 · Last modified 2026-06-17T10:26:27.980

Summary

OpenClaw is a personal AI assistant. In versions 2026.1.12 through 2026.2.12, OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal to write downloads outside the intended OpenClaw temp downloads directory. This issue is not exposed via the AI agent tool schema (no `download` action). Exploitation requires authenticated CLI access or an authenticated gateway RPC token. Version 2026.2.13 fixes the issue.

Affected products

openclaw — openclaw

Does this affect you?

Add your gear to cvedb and we'll alert you only when openclaw ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.