CVE-2026-28457

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring (must be enabled) that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences like ../ or absolute paths in the name field can write files outside the sandbox workspace root directory.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://github.com/openclaw/openclaw/commit/3eb6a31b6fcf8268456988bfa8e3637d373438c2	Patch
https://github.com/openclaw/openclaw/security/advisories/GHSA-xw4p-pw82-hqr7	Vendor Advisory Patch
https://www.vulncheck.com/advisories/openclaw-path-traversal-in-sandbox-skill-mirroring-via-name-parameter	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

History

09 Mar 2026, 17:43

Type	Values Removed	Values Added
CPE		cpe:2.3:a:openclaw:openclaw::::::node.js::*
First Time		Openclaw openclaw Openclaw
References	~~() https://github.com/openclaw/openclaw/commit/3eb6a31b6fcf8268456988bfa8e3637d373438c2 -~~	() https://github.com/openclaw/openclaw/commit/3eb6a31b6fcf8268456988bfa8e3637d373438c2 - Patch
References	~~() https://github.com/openclaw/openclaw/security/advisories/GHSA-xw4p-pw82-hqr7 -~~	() https://github.com/openclaw/openclaw/security/advisories/GHSA-xw4p-pw82-hqr7 - Vendor Advisory, Patch
References	~~() https://www.vulncheck.com/advisories/openclaw-path-traversal-in-sandbox-skill-mirroring-via-name-parameter -~~	() https://www.vulncheck.com/advisories/openclaw-path-traversal-in-sandbox-skill-mirroring-via-name-parameter - Third Party Advisory

09 Mar 2026, 13:36

Type	Values Removed	Values Added
Summary		(es) Las versiones de OpenClaw anteriores a 2026.2.14 contienen una vulnerabilidad de salto de ruta en la duplicación de habilidades de sandbox (debe estar habilitada) que utiliza el parámetro 'name' del 'frontmatter' de la habilidad sin sanitizar al copiar habilidades en el espacio de trabajo de la sandbox. Los atacantes que proporcionan un paquete de habilidad manipulado con secuencias de salto como ../ o rutas absolutas en el campo 'name' pueden escribir archivos fuera del directorio raíz del espacio de trabajo de la sandbox.

06 Mar 2026, 17:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~5.3~~	v2 : unknown v3 : 6.1

05 Mar 2026, 23:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : 5.3

05 Mar 2026, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-05 22:16

Updated : 2026-03-09 17:43

NVD link : CVE-2026-28457

Mitre link : CVE-2026-28457

CVE.ORG link : CVE-2026-28457

JSON object : View

Products Affected

openclaw

openclaw

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

6.1 /10