Cyber Posture

CVE-2026-32055

Severity: High · Public PoC

Published: 21 March 2026
Modified: 23 March 2026
KEV Added: not listed
Patch: available (see Deeper analysis)
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L)
EPSS Score: 0.0008 (23.7th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-32055 is a high-severity Path Traversal (CWE-22) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 23.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

Prevent: Validates file paths and symlink resolutions in workspace boundary checks to prevent path traversal attacks that allow arbitrary file writes outside the workspace.

Prevent: Enforces logical access controls to restrict file write operations to authorized workspace boundaries, blocking unauthorized escapes via symlinks.

Prevent: Controls information flows within the system to prevent write operations from traversing workspace boundaries through improperly resolved symlinks.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1105 Ingress Tool Transfer (Command and Control)
Adversaries may transfer tools or other files from an external system into a compromised environment.

Why these techniques?

Network path traversal with arbitrary file write directly enables remote exploitation of the public-facing app (T1190) and allows adversaries to write/transfer files or tools into arbitrary filesystem locations (T1105).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check improperly resolves aliases, permitting the first write operation to escape the workspace boundary and create files in arbitrary locations.

Deeper analysis

CVE-2026-32055, published on 2026-03-21, is a path traversal vulnerability (CWE-22) in OpenClaw versions prior to 2026.2.26. The issue lies in the workspace boundary validation logic, which improperly resolves aliases for in-workspace symlinks pointing to non-existent out-of-root targets. This flaw permits the initial write operation to bypass the workspace boundary, enabling file creation in arbitrary locations on the filesystem.
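The failure mode described above, as an added illustration that is not code from OpenClaw or from this advisory: a boundary check that canonicalizes only the parent directory of a file that does not exist yet (an assumed weak pattern, not the project's actual logic) never follows a symlink sitting at the final path component, so a dangling in-workspace link to an out-of-root target passes the check. The hardened version resolves the full path, including the final component, and additionally opens with O_NOFOLLOW. The workspace, link and file names are constructed for the demo, and POSIX symlink semantics are assumed.

```python
import os
import shutil
import tempfile


def vulnerable_resolve(workspace: str, rel: str) -> str:
    """Assumed weak boundary check (illustrative, not OpenClaw's code).

    Because the file being written does not exist yet, only the parent
    directory is canonicalized and the final path component is appended
    verbatim. A symlink sitting at that final component is never followed,
    so a dangling in-workspace link to an out-of-root target looks safe.
    """
    candidate = os.path.join(workspace, rel)
    parent = os.path.realpath(os.path.dirname(candidate))
    return os.path.join(parent, os.path.basename(candidate))


def hardened_resolve(workspace: str, rel: str) -> str:
    """Canonicalize the whole path, final component included.

    os.path.realpath() follows symlinks component by component and, in its
    default non-strict mode, keeps resolving even when the link target does
    not exist, so a dangling link is mapped to where the write would land.
    """
    return os.path.realpath(os.path.join(workspace, rel))


def is_inside(root: str, resolved: str) -> bool:
    """Containment test on an already-canonical absolute path."""
    root = os.path.realpath(root)
    return os.path.commonpath([root, resolved]) == root


def guarded_write(workspace: str, rel: str, data: bytes) -> str:
    """Write only if the fully resolved target stays inside the workspace,
    and refuse to write *through* a symlink even then (O_NOFOLLOW)."""
    target = hardened_resolve(workspace, rel)
    if not is_inside(workspace, target):
        raise PermissionError(f"refusing to write outside workspace: {target}")
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(os.path.join(workspace, rel), flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def demonstrate() -> dict:
    """Build a constructed workspace with a dangling symlink and compare the
    two checks. Returns the observations so they can be asserted on."""
    base = tempfile.mkdtemp(prefix="cve-2026-32055-demo-")
    try:
        workspace = os.path.join(base, "workspace")
        outside = os.path.join(base, "outside")
        os.mkdir(workspace)
        os.mkdir(outside)
        # Constructed link: lives inside the workspace but points at a file
        # that does not exist yet, outside the workspace root.
        escape_target = os.path.join(outside, "planted.txt")
        os.symlink(escape_target, os.path.join(workspace, "notes.txt"))

        weak = vulnerable_resolve(workspace, "notes.txt")
        strong = hardened_resolve(workspace, "notes.txt")
        try:
            guarded_write(workspace, "notes.txt", b"x")
            refused = False
        except PermissionError:
            refused = True
        legit = guarded_write(workspace, "README.md", b"hello")

        return {
            "weak_check_passes": is_inside(workspace, weak),      # True: the defect
            "strong_check_passes": is_inside(workspace, strong),  # False: caught
            "guarded_write_refused": refused,                     # True
            "legit_write_inside": is_inside(workspace, legit) and os.path.isfile(legit),
            "nothing_planted_outside": not os.path.exists(escape_target),
        }
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    for name, value in demonstrate().items():
        print(f"{name}: {value}")
```

The two layers in guarded_write are deliberate: the full-path realpath check catches the dangling-link case this CVE describes, while O_NOFOLLOW on the unresolved path closes the race where a link is swapped in between the check and the open.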

With a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L), the vulnerability can be exploited over the network by attackers possessing low privileges, such as authenticated users with workspace access. Exploitation requires no user interaction and allows arbitrary file writes outside the workspace, resulting in high integrity impact through unauthorized file creation, alongside limited confidentiality and availability effects.

Patches addressing the vulnerability are available in OpenClaw repository commits 1aef45bc060b28a0af45a67dc66acd36aef763c9 and 46eba86b45e9db05b7b792e914c4fe0de1b40a23. The GitHub Security Advisory GHSA-mgrq-9f93-wpp5 and VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-workspace-path-boundary-bypass-via-non-existent-symlink provide further details, recommending an upgrade to OpenClaw 2026.2.26 or later to mitigate the issue.

Details

CWE(s): CWE-22 (Path Traversal)

Affected Products: openclaw / openclaw, versions ≤ 2026.2.26 (the NVD description above gives the fixed release as 2026.2.26)

CVEs Like This One

CVE-2026-22171 (same product: Openclaw Openclaw)
CVE-2026-28453 (same product: Openclaw Openclaw)
CVE-2026-32030 (same product: Openclaw Openclaw)
CVE-2026-33581 (same product: Openclaw Openclaw)
CVE-2026-28462 (same product: Openclaw Openclaw)
CVE-2026-32026 (same product: Openclaw Openclaw)
CVE-2026-28447 (same product: Openclaw Openclaw)
CVE-2026-32846 (same product: Openclaw Openclaw)
CVE-2026-32033 (same product: Openclaw Openclaw)
CVE-2026-28457 (same product: Openclaw Openclaw)

References