CVE-2026-43567

MEDIUM 6.5

OpenClaw < 2026.4.10 - Path Traversal in screen_record outPath Parameter

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

0th

OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screen_record tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system.

CWE	CWE-862
Vendor	openclaw
Product	openclaw
Published	May 5, 2026

Stay Ahead of the Next One

Get instant alerts for openclaw openclaw

Be the first to know when new medium vulnerabilities affecting openclaw openclaw are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Affected Versions

OpenClaw / OpenClaw

0 < 2026.4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/openclaw/openclaw/security/advisories/GHSA-jf25-7968-h2h5 github.com: https://github.com/openclaw/openclaw/commit/635bb35b68d8faa5bfa2fda35feadd315122748a vulncheck.com: https://www.vulncheck.com/advisories/openclaw-path-traversal-in-screen-record-outpath-parameter