CVE-2026-27670
Received Received - Intake
Race Condition in OpenClaw ZIP Extraction Allows Arbitrary File Write

Publication date: 2026-03-19

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploit a time-of-check-time-of-use race between path validation and file write operations by rebinding parent directory symlinks to redirect writes outside the extraction root.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-19
Last Modified
2026-03-19
Generated
2026-06-16
AI Q&A
2026-03-19
EPSS Evaluated
2026-06-15
NVD
CVE-2026-27670
EUVD
EUVD-2026-13009
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.3.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-367 The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability involves a race condition during ZIP extraction where an attacker can rebind parent directory symlinks to write files outside the intended extraction directory. Detection involves monitoring for suspicious ZIP extraction activities that attempt to write files outside expected directories or unusual symlink rebinding during extraction.'}, {'type': 'paragraph', 'content': 'Since the vulnerability is local and related to file system operations, detection can include checking for unexpected file writes outside extraction directories and monitoring symlink changes during extraction.'}, {'type': 'paragraph', 'content': 'Suggested commands to help detect potential exploitation attempts include:'}, {'type': 'list_item', 'content': 'Use filesystem monitoring tools like inotifywait (Linux) to watch for symlink changes and file writes outside expected directories during ZIP extraction.'}, {'type': 'list_item', 'content': 'Example command to monitor symlink changes in the extraction directory:'}, {'type': 'list_item', 'content': "inotifywait -m -e attrib,create,modify,delete --format '%w%f %e' /path/to/extraction/directory"}, {'type': 'list_item', 'content': 'Check for unexpected files outside extraction roots by comparing extracted files against expected paths.'}, {'type': 'list_item', 'content': 'Use find to locate recently modified files outside extraction directories:'}, {'type': 'list_item', 'content': 'find / -type f -mmin -10 -exec ls -l {} \\;'}, {'type': 'paragraph', 'content': 'Additionally, reviewing logs or audit trails for ZIP extraction operations and any errors related to symlink traversal or file write failures may help detect exploitation attempts.'}] [1, 2, 3]

Executive Summary

CVE-2026-27670 is a race condition vulnerability in OpenClaw versions prior to 2026.3.2 that occurs during ZIP file extraction. The issue arises because the extraction process first validates file paths and then separately opens or writes to the files. Between these steps, an attacker can exploit a time-of-check to time-of-use (TOCTOU) race by rebinding parent directory symbolic links (symlinks). This allows the attacker to redirect file writes outside the intended extraction directory, potentially overwriting unauthorized files.

Technically, the vulnerability involves improper link resolution before file access (CWE-59) and TOCTOU race conditions (CWE-367). The flaw exists because path validation and file writing are not atomic, enabling attackers to manipulate symlinks during extraction to escape the designated directory.

Impact Analysis

This vulnerability allows a local attacker to write files outside the intended extraction directory during ZIP file extraction. This can lead to unauthorized file overwrites or creation of files in sensitive locations on the system.

  • Potential unauthorized modification or replacement of critical files.
  • Possible disruption of system or application behavior due to unexpected file changes.
  • Increased risk of privilege escalation or further exploitation if critical files are overwritten.
Compliance Impact

I don't know

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.3.2 or later, where the vulnerability has been fixed by eliminating the race condition during ZIP extraction.

The fix includes binding write operations directly to the opened file handle, verifying real paths with fs.realpath, and preventing symlink traversal by using no-follow flags when opening files.

If immediate upgrade is not possible, consider the following temporary mitigations:

  • Restrict local user permissions to prevent untrusted users from performing ZIP extraction operations.
  • Avoid extracting ZIP files from untrusted sources or run extraction in isolated environments with strict filesystem controls.
  • Monitor extraction directories for suspicious symlink changes or unexpected file writes as a detection measure.

Ultimately, applying the official patch or upgrading to the fixed version is the recommended and most effective mitigation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27670. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart