CVE Catalog

CVE-2026-44112

Critical
Published: Translated: NVD NIST

Summary

OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write files outside the local mount root.

Risk Assessment

This vulnerability poses a risk of unauthorized access to the filesystem, potentially leading to data loss or system integrity breaches. Organizations should be aware of the possibility of attackers bypassing sandbox protections.

Recommendation

It is recommended to update OpenClaw to version 2026.4.22 or later to mitigate this vulnerability. Additionally, conducting a filesystem security audit is advisable to minimize risks.

Original NVD description (English source)

OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write files outside the local mount root.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS