PT-2026-27025 · Npm · Openclaw

Publicado

2026-03-12

·

Atualizado

2026-03-12

CVSS v4.0

7.2

Alta

VetorAV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

Summary

openclaw had a workspace boundary bypass in workspace-only path validation: when an in-workspace symlink pointed outside the workspace to a non-existent leaf, the first write could pass validation and create the file outside the workspace.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Vulnerable versions: <= 2026.2.25
  • Patched versions: >= 2026.2.26 (pre-set for next planned release)
  • Latest published npm version at update time: 2026.2.25

Details

The boundary check path resolved aliases in a way that allowed a non-existent out-of-root symlink target to pass the initial validation window. A first write through the guarded workspace path could therefore escape the workspace boundary.
The fix hardens canonical boundary resolution so missing-leaf alias paths are evaluated against canonical containment, while preserving valid in-root aliases. This closes the first-write escape condition without regressing valid in-root alias usage.

Fix Commit(s)

  • 46eba86b45e9db05b7b792e914c4fe0de1b40a23
  • 1aef45bc060b28a0af45a67dc66acd36aef763c9

Release Process Note

patched versions is pre-set to the planned next release (2026.2.26). Once npm release 2026.2.26 is published, this advisory can be published directly.
Thanks @tdjackey for reporting.

Correção

Path traversal

Link Following

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22CWE-59

Identificadores relacionados

GHSA-MGRQ-9F93-WPP5

Produtos afetados

Openclaw