CVE-2026-32846

HighPublic PoC

Published: 26 March 2026

Published

26 March 2026

Modified

31 March 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0009 26.2th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-32846 is a high-severity Path Traversal (CWE-22) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 26.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly requires validation of media parsing inputs to prevent path traversal bypasses in the isLikelyLocalPath() and isValidMedia() functions.

SI-2 Flaw Remediation good match

prevent

Mandates timely identification, reporting, and correction of the specific path traversal flaw fixed in commit 4797bbc.

AC-3 Access Enforcement good match

prevent

Enforces approved authorizations for file access to block reads of arbitrary files outside the intended application sandbox.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

Why these techniques?

Remote path traversal in public-facing media parser directly enables T1190 exploitation for unauthenticated arbitrary file read, which maps to T1005 for accessing local system files/credentials.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

OpenClaw through 2026.3.23 (fixed in commit 4797bbc) contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath() and isValidMedia() functions. Attackers can exploit incomplete validation and the allowBareFilename…

bypass to reference files outside the intended application sandbox, resulting in disclosure of sensitive information including system files, environment files, and SSH keys.

Deeper analysisAI

CVE-2026-32846 is a path traversal vulnerability (CWE-22) affecting OpenClaw through version 2026.3.23, specifically in the media parsing component. The flaw arises from incomplete path validation in the isLikelyLocalPath() and isValidMedia() functions, which can be bypassed using the allowBareFilename option. This allows attackers to reference files outside the application's intended sandbox, leading to arbitrary file read access. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Any remote attacker without privileges can exploit this vulnerability over the network with low complexity and no user interaction required. By crafting malicious media inputs that evade the path checks, attackers can disclose sensitive information, including system files, environment variables, and SSH keys.

Mitigation is available via the fix in commit 4797bbc5b96e2cca5532e43b58915c051746fe37, as detailed in the OpenClaw GitHub security advisory GHSA-f6pf-4gjx-c94r and related pull requests #54642. Security practitioners should update to a version incorporating this commit and review media parsing inputs for similar bypasses, per advisories from VulnCheck.

Details

CWE(s): CWE-22

Affected Products

openclaw

≤ 2026.3.23

CVEs Like This One

CVE-2026-32030Same product: Openclaw Openclaw

CVE-2026-33581Same product: Openclaw Openclaw

CVE-2026-28462Same product: Openclaw Openclaw

CVE-2026-32026Same product: Openclaw Openclaw

CVE-2026-32033Same product: Openclaw Openclaw

CVE-2026-22171Same product: Openclaw Openclaw

CVE-2026-28453Same product: Openclaw Openclaw

CVE-2026-35668Same product: Openclaw Openclaw

CVE-2026-32055Same product: Openclaw Openclaw

CVE-2026-28482Same product: Openclaw Openclaw

References

https://github.com/openclaw/openclaw/commit/4797bbc5b96e2cca5532e43b58915c051746fe37
Patch · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/pull/54642
Exploit, Issue Tracking, Vendor Advisory · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/security/advisories/GHSA-f6pf-4gjx-c94r
Broken Link · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/openclaw-media-parsing-path-traversal-to-arbitrary-file-read
Third Party Advisory · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/pull/54642
Exploit, Issue Tracking, Vendor Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0