CVE-2026-32026
MEDIUM 6.5 | EPSS 0.08% | Temporary path handling could write outside OpenClaw temp boundary
Description
### Summary

Sandbox media local-path validation accepted absolute paths under host tmp, even when those paths were outside the active sandbox root.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Latest published version verified during triage: `2026.2.23`
- Affected versions: `<= 2026.2.23`
- Patched versions (planned next release): `>= 2026.2.24`

### Details

In affected versions, sandbox media path resolution allowed absolute host tmp paths as trusted media inputs when they were under `os.tmpdir()`, without requiring that the path stay within the active `sandboxRoot`. Because outbound attachment hydration consumed these paths as already validated, this enabled out-of-sandbox host tmp file reads and exfiltration through attachment delivery.

### Impact

- Confidentiality impact: high for deployments relying on `sandboxRoot` as a strict local filesystem boundary.
- Practical impact: attacker-controlled media references could read and attach host tmp files outside the sandbox workspace boundary.

### Remediation

- Restrict sandbox tmp-path acceptance to OpenClaw-managed temp roots only.
- Default SDK/extension temp helpers to OpenClaw-managed temp roots.
- Add CI guardrails to prevent broad tmp-root regressions in messaging/channel code paths.

### Fix Commit(s)

- `d3da67c7a9b463edc1a9b1c1f7af107a34ca32f5`
- `79a7b3d22ef92e36a4031093d80a0acb0d82f351`
- `def993dbd843ff28f2b3bad5cc24603874ba9f1e`

### Release Process Note

The advisory is pre-set with patched version `2026.2.24` so it is ready for publication once that npm release is available.

OpenClaw thanks @tdjackey for reporting.

### Publication Update (2026-02-25)

`openclaw@2026.2.24` is published on npm and contains the fix commit(s) listed above. This advisory now marks `>= 2026.2.24` as patched.
Affected packages (1)
- npm/openclaw: from 0, < 2026.2.24
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N |
| osv | CVSS 3.1 | MEDIUM 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
References (7)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2026-32026
- PATCH: https://github.com/openclaw/openclaw
- WEB: https://github.com/openclaw/openclaw/commit/79a7b3d22ef92e36a4031093d80a0acb0d82f351
- WEB: https://github.com/openclaw/openclaw/commit/d3da67c7a9b463edc1a9b1c1f7af107a34ca32f5
- WEB: https://github.com/openclaw/openclaw/commit/def993dbd843ff28f2b3bad5cc24603874ba9f1e
- WEB: https://github.com/openclaw/openclaw/security/advisories/GHSA-33hm-cq8r-wc49
- WEB: https://www.vulncheck.com/advisories/openclaw-arbitrary-file-read-via-improper-temporary-path-validation-in-sandbox