exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2026-32033

15 дней назад

OpenClaw versions prior to 2026.2.24 contain a path traversal vulnerability where @-prefixed absolute paths bypass workspace-only file-system boundary validation due to canonicalization mismatch. Attackers can exploit this by crafting @-prefixed paths like @/etc/passwd to read files outside the intended workspace boundary when tools.fs.workspaceOnly is enabled.

CVSS3: 6.5

EPSS: Низкий

GHSA-27cr-4p5m-74rj

около 1 месяца назад

OpenClaw has a workspace-only sandbox guard mismatch for @-prefixed absolute paths

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2026-32033 OpenClaw versions prior to 2026.2.24 contain a path traversal vulnerability where @-prefixed absolute paths bypass workspace-only file-system boundary validation due to canonicalization mismatch. Attackers can exploit this by crafting @-prefixed paths like @/etc/passwd to read files outside the intended workspace boundary when tools.fs.workspaceOnly is enabled.	CVSS3: 6.5	0% Низкий	15 дней назад
	GHSA-27cr-4p5m-74rj OpenClaw has a workspace-only sandbox guard mismatch for @-prefixed absolute paths	CVSS3: 7.5	0% Низкий	около 1 месяца назад

Уязвимостей на страницу