PT-2026-20962 · Openclaw · Openclaw
Locus-X64 · Published 2026-02-18 · Updated 2026-02-20 · CVE-2026-26972
CVSS v3.1: 6.7 (Medium)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions 2026.1.12 through 2026.2.12

Description: OpenClaw browser download helpers accepted an unsanitized output path. When invoked via the browser control gateway routes, this allowed path traversal, enabling writes outside the intended OpenClaw temp downloads directory. The issue is not exposed via the AI agent tool schema. Exploitation requires authenticated CLI access or an authenticated gateway RPC token. The affected code is located in src/browser/pw-tools-core.downloads.ts within the waitForDownloadViaPlaywright and downloadViaPlaywright functions. The API endpoints /wait/download and /download are affected, specifically the path parameter.

Recommendations: Upgrade to OpenClaw version 2026.2.13 or later.
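The defensive check that an output-path parameter like the one described above needs: resolve the caller-supplied path against the downloads directory and refuse anything that lands outside it. This is an added TypeScript example, not OpenClaw's code; the base directory and the function name are placeholders chosen for illustration.

```typescript
import * as path from "node:path";

// Constructed stand-in for the temp downloads directory; the advisory does
// not give the real location.
const DOWNLOADS_DIR = path.resolve("/tmp/openclaw-downloads");

/**
 * Resolve a caller-supplied output path against the downloads directory.
 * Returns the absolute target path, or null if the request would escape
 * the directory (via "..", an absolute path, or a sibling-prefix trick).
 */
function resolveDownloadPath(
  requested: string,
  baseDir: string = DOWNLOADS_DIR,
): string | null {
  // Empty names and embedded NUL bytes are never valid file targets.
  if (requested.length === 0 || requested.includes("\0")) return null;

  const base = path.resolve(baseDir);
  // path.resolve normalizes "..", "." and duplicate separators. If
  // `requested` is absolute it discards `base` entirely, so the only
  // reliable test is containment of the resolved result, not input filtering.
  const candidate = path.resolve(base, requested);

  // Require base + separator as a prefix. Comparing against the bare `base`
  // string would let "/tmp/openclaw-downloads2/x" pass as a child of
  // "/tmp/openclaw-downloads"; the separator closes that gap and also rejects
  // the directory itself as a write target.
  if (!candidate.startsWith(base + path.sep)) return null;

  // Note: this is a lexical check. If an attacker could pre-create a symlink
  // inside the directory, a realpath-based check before writing would also
  // be needed; that is outside what this example covers.
  return candidate;
}
```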

Weakness Enumeration: Path traversal

Related Identifiers

CVE-2026-26972
GHSA-XWJM-J929-XQ7C

Affected Products

Openclaw