CVE-2026-53813
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
OpenClaw before version 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing malicious code or accessing sensitive data.
Risk Assessment
Organizations may be exposed to the execution of malicious code and leakage of sensitive data if attackers gain access to vulnerable workspaces.
Recommendation
It is recommended to update OpenClaw to version 2026.4.25 or later and to restrict access to workspaces only to trusted users.
Original NVD description (English source)
OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing malicious code or accessing sensitive data.

