GHSA-7XR2-Q9VF-X4R5: Symlink Traversal via IDENTITY.md in OpenClaw
Vulnerability ID: GHSA-7XR2-Q9VF-X4R5
CVSS Score: 8.8
Published: 2026-03-26
The openclaw npm package version 2026.2.25 and earlier contains a symlink traversal vulnerability due to an incomplete fix for CVE-2026-32013. The vulnerability exists in the agents.create and agents.update methods, allowing an authenticated attacker to append arbitrary data to restricted system files.
TL;DR
An incomplete patch in openclaw allows authenticated users to append arbitrary data to any file on the host system via a symlink traversal attack in the IDENTITY.md file handling. Upgrading to version 2026.2.26 remediates this issue.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-61
- Attack Vector: Network
- CVSS Score: 8.8
- Impact: Arbitrary File Append / Potential RCE
- Exploit Status: Proof of Concept Available
- KEV Status: Not Listed
Affected Systems
- openclaw npm package <= 2026.2.25 (fixed in 2026.2.26)
- Node.js applications integrating openclaw
Mitigation Strategies
- Update openclaw package to version 2026.2.26
- Run the application with minimal file system privileges
- Regularly audit workspace directories for unauthorized symbolic links
Remediation Steps
- Identify all projects depending on the openclaw package.
- Update the package.json file to require openclaw version 2026.2.26 or later.
- Execute 'npm install' or 'yarn install' to update the dependency tree.
- Restart the Node.js application process.
- Verify that the openclaw process runs under a restricted user account.
References
- GitHub Advisory GHSA-7XR2-Q9VF-X4R5
- Primary Advisory (Incomplete Fix Target)
- NVD Detail (CVE-2026-32013)
- Package URL
- VulnCheck Intelligence