CVE-2026-35658
MEDIUMOpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool
Title source: cnaDescription
OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts outside the workspace to read files that other filesystem tools would reject.
References (6)
Core 6
Core References
Third Party Advisory third-party-advisory
GitHub Security Advisory (GHSA-cfp9-w5v9-3q4h)
https://github.com/openclaw/openclaw/security/advisories/GHSA-cfp9-w5v9-3q4h
Patch patch
Patch Commit #1
https://github.com/openclaw/openclaw/commit/ccfeecb6887cd97937e33a71877ad512741e82b2
Patch patch
Patch Commit #2
https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87
Patch patch
Patch Commit #3
https://github.com/openclaw/openclaw/commit/dd9d9c1c609dcb4579f9e57bd7b5c879d0146b53
Patch patch
Patch Commit #4
https://github.com/openclaw/openclaw/commit/14baadda2c456f3cf749f1f97e8678746a34a7f4
Third Party Advisory third-party-advisory
VulnCheck Advisory: OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool
https://www.vulncheck.com/advisories/openclaw-filesystem-boundary-bypass-in-image-tool
Scores
CVSS v3
6.5
EPSS
0.0029
EPSS Percentile
20.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-668
Status
published
Products (4)
npm/openclaw
0 - 2026.3.2npm
OpenClaw/OpenClaw
< 2026.3.2
openclaw/openclaw
< 2026.3.2
OpenClaw/OpenClaw
2026.3.2
Published
Apr 10, 2026
Tracked Since
Apr 10, 2026