CVE-2026-4040
OpenClaw File Existence tools.exec.safeBins information exposure
| CVSS Score | 3.3 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
A vulnerability was identified in OpenClaw up to 2026.2.17. It affects the function tools.exec.safeBins of the File Existence Handler component. Manipulation leads to information exposure through discrepancy. The attack must be performed locally. Upgrading to version 2026.2.19-beta.1 addresses this issue. The patch identifier is bafdbb6f112409a65decd3d4e7350fbd637c7754. Upgrading the affected component is advised.
| CWE | CWE-203 CWE-200 |
| Vendor | n/a |
| Product | openclaw |
| Published | Mar 12, 2026 |
| Last Updated | Mar 12, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity | None |
| Availability | None |
Affected Versions
n/a / OpenClaw
2026.2.0, 2026.2.1, 2026.2.2, 2026.2.3, 2026.2.4, 2026.2.5, 2026.2.6, 2026.2.7, 2026.2.8, 2026.2.9, 2026.2.10, 2026.2.11, 2026.2.12, 2026.2.13, 2026.2.14, 2026.2.15, 2026.2.16, 2026.2.17
References
vuldb.com: https://vuldb.com/?id.350652
vuldb.com: https://vuldb.com/?ctiid.350652
vuldb.com: https://vuldb.com/?submit.769581
github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-6c9j-x93c-rw6j
github.com: https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754
github.com: https://github.com/openclaw/openclaw/releases/tag/v2026.2.19-beta.1
github.com: https://github.com/openclaw/openclaw/
Credits
nedlir (VulDB User)