Locus-X64

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions 2026.1.12 through 2026.2.12 **Description** OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal, enabling writes outside the intended OpenClaw temp downloads directory. The issue is not exposed via the AI agent tool schema. Exploitation requires authenticated CLI access or an authenticated gateway RPC token. The affected code is located in `src/browser/pw-tools-core.downloads.ts` within the `waitForDownloadViaPlaywright` and `downloadViaPlaywright` functions. The API endpoints `/wait/download` and `/download` are affected, specifically the `path` parameter. **Recommendations** Upgrade to OpenClaw version 2026.2.13 or later.

**Name of the Vulnerable Software and Affected Versions** python-socketio versions prior to 5.14.0 **Description** python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution issue in python-socketio allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments where the attacker has previously gained access to the message queue used for internal communications. The issue stems from deserialization of messages using Python's `pickle.loads()` function. An attacker can send a crafted pickle payload that executes arbitrary code during deserialization via Python's ` reduce ` method. This vulnerability only affects deployments with a compromised message queue. The attack can lead to the attacker executing random code in the context of, and with the privileges of a Socket.IO server process. Single-server systems that do not use a message queue, and multi-server systems with a secure message queue are not vulnerable. **Recommendations** Upgrade to python-socketio version 5.14.0 or newer, which removes the `pickle` module and uses JSON encoding for inter-server messaging.