CVE-2026-44996

Published: Mag 11, 2026 Last Modified: Mag 11, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
LOW 3,7
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs, read audio-like files, and embed them base64-encoded into webchat responses.

22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Execute Unauthorized Code Or Commands Modify Files Or Directories Read Files Or Directories Dos: Crash, Exit, Or Restart
Applicable Platforms
Technologies: AI/ML
Likelihood of Exploit: High
View CWE Details
https://github.com/openclaw/openclaw/commit/6e58f1f9f54bca1…
https://github.com/openclaw/openclaw/commit/6e58f1f9f54bca1fea1268ec0ee4c01a2af…
https://github.com/openclaw/openclaw/security/advisories/GH…
https://github.com/openclaw/openclaw/security/advisories/GHSA-gfg9-5357-hv4c
https://www.vulncheck.com/advisories/openclaw-arbitrary-loc…
https://www.vulncheck.com/advisories/openclaw-arbitrary-local-file-read-via-web…