CVE-2026-41366
Received Received - Intake
Local File Read via Self-Whitelisting Flaw in OpenClaw

Publication date: 2026-04-28

Last updated on: 2026-04-28

Assigner: VulnCheck

Description
OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-28
Last Modified
2026-04-28
Generated
2026-06-16
AI Q&A
2026-04-28
EPSS Evaluated
2026-06-14
NVD
CVE-2026-41366
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.3.31 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-41366 is a vulnerability in OpenClaw versions before 2026.3.31 involving a local roots self-whitelisting flaw in the function appendLocalMediaParentRoots.

This flaw allows a model to initiate arbitrary host file reads by improperly validating media parent directories, which leads to unauthorized expansion of filesystem roots that the system trusts.

Attackers can exploit this to exfiltrate sensitive files and credentials from the host system by tricking the system into including unauthorized directories as trusted local roots.

Impact Analysis

This vulnerability can allow attackers with some level of access to read arbitrary files on the host system that should be restricted.

By exploiting the improper validation of media parent directories, attackers can exfiltrate credentials and other sensitive information stored in files on the host.

The impact includes unauthorized disclosure of sensitive data, which could lead to further compromise or privilege escalation.

Mitigation Strategies

To mitigate the vulnerability CVE-2026-41366, you should upgrade OpenClaw to version 2026.3.31 or later, as this version contains the fix that removes the self-whitelisting behavior in appendLocalMediaParentRoots.

The fix prevents the local roots from being widened based on media source paths, thereby restricting unauthorized filesystem access and preventing arbitrary host file reads.

Compliance Impact

The vulnerability in OpenClaw allows attackers to exfiltrate credentials and access sensitive files by exploiting improper validation of media parent directories. This unauthorized access to sensitive data could lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require strict controls over access to personal and sensitive information.

Specifically, the flaw enables arbitrary host file reads, potentially exposing confidential information that must be protected under these standards. Organizations using affected versions of OpenClaw may face increased risk of data breaches and regulatory penalties if this vulnerability is exploited.

The fix implemented in version 2026.3.31 mitigates this risk by preventing the system from implicitly trusting or including arbitrary filesystem locations based on media file paths, thereby reducing the chance of unauthorized data exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41366. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart