CVE Catalog

CVE-2026-53813

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

OpenClaw before version 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing malicious code or accessing sensitive data.

Risk Assessment

Organizations may be exposed to the execution of malicious code and leakage of sensitive data if attackers gain access to vulnerable workspaces.

Recommendation

It is recommended to update OpenClaw to version 2026.4.25 or later and to restrict access to workspaces only to trusted users.

Original NVD description (English source)

OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing malicious code or accessing sensitive data.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS