CVE-2026-35632
Published: 09 April 2026
Summary
CVE-2026-35632 is a high-severity UNIX Symbolic Link (Symlink) Following (CWE-61) vulnerability in OpenClaw. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Cron (T1053.003). It ranks at the 25.6th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly remediates the symlink traversal flaw in OpenClaw's agents.create and agents.update handlers by applying vendor patches to enforce symlink containment checks.
Requires validation of file paths and symlink checks prior to fs.appendFile operations to block attackers from planting symlinks for arbitrary file appends.
Monitors integrity of critical files like crontab and SSH authorized_keys to identify unauthorized content appended via symlink traversal exploits.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Symlink traversal enables arbitrary file appends, directly facilitating crontab injection (T1053.003) for RCE and SSH authorized_keys manipulation (T1098.004) for access.
NVD Description
OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers that use fs.appendFile on IDENTITY.md without symlink containment checks. Attackers with workspace access can plant symlinks to append attacker-controlled content to arbitrary files, enabling remote code execution via crontab injection or unauthorized access via SSH key manipulation.
Deeper analysis
CVE-2026-35632, published on 2026-04-09, is a symlink traversal vulnerability in OpenClaw versions through 2026.2.22. The flaw affects the agents.create and agents.update handlers, which invoke fs.appendFile on IDENTITY.md without symlink containment checks (CWE-61). It carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).
An attacker with workspace access and low privileges can exploit this vulnerability by planting symlinks, which causes attacker-controlled content to be appended to arbitrary files outside the intended directory. Successful exploitation allows remote code execution through crontab injection or unauthorized access via SSH key manipulation.
Mitigation details and patches are documented in advisories such as the GitHub Security Advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-7xr2-q9vf-x4r5 and VulnCheck's analysis at https://www.vulncheck.com/advisories/openclaw-symlink-traversal-via-identity-md-appendfile-in-agents-create-update.
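The kind of symlink containment check the description says is missing before the append, sketched in Node.js as an added example (not OpenClaw's patch and not code from the advisories). `appendContained` and `demo` are hypothetical names, the temp-directory files are constructed stand-ins, and a POSIX platform where `fs.constants.O_NOFOLLOW` is defined is assumed.

```javascript
"use strict";
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Hypothetical helper (assumption, not the vendor fix): append to
// <workspace>/<name> only if the target is a regular file inside the workspace.
function appendContained(workspace, name, data) {
  const root = fs.realpathSync(workspace);
  const target = path.join(root, name);
  const rel = path.relative(root, target);
  if (rel === ".." || rel.startsWith(".." + path.sep)) throw new Error("path escapes workspace");
  // Intermediate directories may be symlinks too: resolve the parent and re-check.
  // This narrows the window but is still a check-then-use on the directory part.
  const parent = fs.realpathSync(path.dirname(target));
  if (parent !== root && !parent.startsWith(root + path.sep)) throw new Error("parent escapes workspace");
  // O_NOFOLLOW makes the open itself fail when the final component is a symlink,
  // so there is no gap between "is it a link?" and the write. POSIX only.
  const { O_WRONLY, O_APPEND, O_CREAT, O_NOFOLLOW } = fs.constants;
  const fd = fs.openSync(target, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0o600);
  try {
    if (!fs.fstatSync(fd).isFile()) throw new Error("not a regular file");
    fs.writeSync(fd, data);
  } finally {
    fs.closeSync(fd);
  }
}

// Constructed demo in a throwaway temp directory; outside.txt stands in for a
// file the workspace user should never be able to modify.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "symlink-demo-"));
  const workspace = path.join(base, "workspace");
  const outside = path.join(base, "outside.txt");
  fs.mkdirSync(workspace);
  fs.writeFileSync(outside, "original\n");
  fs.symlinkSync(outside, path.join(workspace, "IDENTITY.md"));
  // Unchecked append, as in the description: the write follows the link.
  fs.appendFileSync(path.join(workspace, "IDENTITY.md"), "unchecked\n");
  const followed = fs.readFileSync(outside, "utf8").includes("unchecked");
  let blocked = null;
  try { appendContained(workspace, "IDENTITY.md", "hardened\n"); }
  catch (e) { blocked = e.code || e.message; }
  const untouched = !fs.readFileSync(outside, "utf8").includes("hardened");
  appendContained(workspace, "NOTES.md", "ok\n"); // a plain file still works
  const normal = fs.readFileSync(path.join(workspace, "NOTES.md"), "utf8");
  fs.rmSync(base, { recursive: true, force: true });
  return { followed, blocked, untouched, normal };
}
console.log(demo());
```

On Linux the refused open surfaces as `ELOOP`, which is also a useful string to alert on in application logs.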
Details
- CWE(s)