CVE-2026-41296

HIGH

OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile

Title source: cna

Description

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path validation and file read operations to bypass sandbox restrictions and read arbitrary files.

References (3)

[Vendor Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-9p3r-hh9g-5cmg

[Patch] https://github.com/openclaw/openclaw/commit/121870a08583033ed6a0ed73d9ffea32991252bb

View Patch ZIP pw:eip

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-sandbox-escape-via-toctou-race-in-remote-fs-bridge-readfile

Scores

CVSS v3 8.2

EPSS 0.0003

EPSS Percentile 7.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

Details

CWE

CWE-367

Status published

Products (3)

npm/openclaw 0 - 2026.3.31npm

OpenClaw/OpenClaw < 2026.3.31

OpenClaw/OpenClaw 2026.3.31

Published Apr 21, 2026

Tracked Since Apr 21, 2026