PT-2026-26414 · Openclaw · Openclaw

Tdjackey · Published 2026-03-03 · Updated 2026-03-20

CVE-2026-32033

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.24

Description: OpenClaw versions prior to 2026.2.24 contain a path traversal vulnerability. Absolute paths with a '@' prefix bypass workspace-only file-system boundary validation due to a canonicalization mismatch. Attackers can exploit this by crafting @-prefixed paths, such as @/etc/passwd, to read files outside the intended workspace boundary when tools.fs.workspaceOnly is enabled. The issue occurs because certain @-prefixed absolute paths are validated before canonicalization, while runtime path handling normalizes the prefix differently, allowing reads outside the intended workspace boundary.

Recommendations: Update OpenClaw to version 2026.2.24 or later.
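The canonicalization-mismatch pattern described above, modelled in an added Python example. This is illustrative code written for this page, not OpenClaw's own implementation: the vulnerable function runs the boundary check on the raw string and only afterwards applies the runtime's '@'-prefix stripping, while the hardened function applies the same normalization the runtime uses first and checks the result. The workspace root `/srv/workspace`, the helper names, and the rule that a leading '@' is a prefix removed at runtime are assumptions for the example.

```python
import posixpath

# Constructed workspace root for the example (assumption, not a real deployment path).
WORKSPACE = "/srv/workspace"


def strip_at_prefix(path: str) -> str:
    """Model of the runtime's prefix handling (assumption for this example):
    a leading '@' is a convenience marker that is removed before the path is used."""
    return path[1:] if path.startswith("@") else path


def _inside(candidate: str, workspace: str) -> bool:
    """Lexical containment check: candidate equals the workspace or lives below it."""
    return candidate == workspace or candidate.startswith(workspace + "/")


def validate_before_canonicalize(user_path: str, workspace: str = WORKSPACE):
    """Vulnerable ordering (constructed model of the bug class, not the project's code).

    The boundary check inspects the string as submitted; the '@' prefix is only
    stripped afterwards, so '@/etc/passwd' looks relative to the validator and
    absolute to the runtime. Returns the path the runtime would open, or None
    when the validator rejects the input.
    """
    if posixpath.isabs(user_path):
        return None
    joined = posixpath.normpath(posixpath.join(workspace, user_path))
    if not _inside(joined, workspace):
        return None
    # Runtime step: prefix stripped after validation, normalized with different rules.
    runtime_path = strip_at_prefix(user_path)
    if posixpath.isabs(runtime_path):
        return posixpath.normpath(runtime_path)  # escapes the workspace
    return posixpath.normpath(posixpath.join(workspace, runtime_path))


def canonicalize_then_validate(user_path: str, workspace: str = WORKSPACE):
    """Hardened ordering: normalize exactly as the runtime will, then check containment.

    Because the validator and the runtime now agree on what the path means, there
    is no representation the check accepts that the runtime later reinterprets.
    Returns the resolved path or None when it falls outside the workspace.
    """
    runtime_path = strip_at_prefix(user_path)
    if posixpath.isabs(runtime_path):
        candidate = posixpath.normpath(runtime_path)
    else:
        candidate = posixpath.normpath(posixpath.join(workspace, runtime_path))
    return candidate if _inside(candidate, workspace) else None


if __name__ == "__main__":
    for p in ["@/etc/passwd", "@notes/a.txt", "../x", "notes/../a.txt"]:
        print(f"{p!r:20} vulnerable={validate_before_canonicalize(p)!r:32} "
              f"hardened={canonicalize_then_validate(p)!r}")
```

The check here is purely lexical (`posixpath.normpath`), which is enough to show the ordering bug; a real workspace guard should additionally resolve symlinks (for example with `os.path.realpath`) on the canonical path before comparing it to the workspace root, so that a link inside the workspace cannot point outside it.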

Fix

Weakness Enumeration

Path traversal

Related Identifiers

CVE-2026-32033
GHSA-27CR-4P5M-74RJ

Affected Products

Openclaw