CVE-2026-28393
OpenClaw's hook transform module path allows traversal and arbitrary JavaScript module loading
Description
## Summary

OpenClaw hook mapping transforms could be loaded via absolute paths or `..` traversal, allowing arbitrary JavaScript module loading/execution in the gateway process when an attacker can modify the hooks configuration.

## Affected Versions

- Affected: >= 2.0.0-beta3 and <= 2026.2.13
- Fixed: 2026.2.14

## Details

`hooks.mappings[].transform.module` is dynamically imported and executed during webhook processing. Path resolution previously accepted absolute paths and did not enforce containment for relative paths, so a config-controlled transform could resolve outside the intended transforms directory.

## Impact

If an attacker can write the OpenClaw config (or otherwise update the hooks config through authenticated configuration mechanisms), they could point a hook mapping transform at an arbitrary module on disk and execute code with the gateway process's privileges.

## Reproduction (config-controlled module load)

1. Configure a hook mapping that points to a transform path that escapes the transforms directory (for example via `..` traversal).
2. Place a malicious ESM module at the resolved location that executes arbitrary code in the gateway process.
3. Trigger the hook endpoint with the correct hook token.

## Fix

Transform loading is now constrained to the OpenClaw transforms root directory:

- Root: `~/.openclaw/hooks/transforms`
- `hooks.transformsDir` must be within that directory
- `transform.module` must be within the selected transforms directory

Attempts to escape the root (absolute paths outside it, `..` traversal) are rejected.

Fix commit(s):

- a0361b8ba959e8506dc79d638b6e6a00d12887e4
- 18e8bd68c5015a894f999c6d5e6e32468965bfb5

## Credits

OpenClaw thanks @akhmittra for reporting.
How to fix CVE-2026-28393
To remediate CVE-2026-28393, upgrade the affected package to a fixed version below.
- Upgrade to 2026.2.14 or later
Is CVE-2026-28393 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.