CVE-2026-42424
Local File Exfiltration via Trusted MEDIA Paths in OpenClaw

Publication date: 2026-04-28

Last updated on: 2026-04-30

Assigner: VulnCheck

Description
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated media.
Generated: 2026-06-16

AI Q&A: 2026-04-28

EPSS evaluated: 2026-06-15
Affected Vendors & Products
Vendor: openclaw
Product: openclaw
Version range: before 2026.4.8 (exclusive)
CWE
CWE-73: The product allows user input to control or influence paths or file names that are used in filesystem operations.
Executive Summary

CVE-2026-42424 is a vulnerability in OpenClaw versions before 2026.4.8 where shared reply MEDIA paths are incorrectly treated as trusted. This flaw allows an attacker to craft malicious shared reply MEDIA references that cause another communication channel within OpenClaw to read local file paths as if they were trusted generated media.

The root cause is a trust model flaw where resources are exposed to an incorrect trust boundary, classified under CWE-668 (Exposure of Resource to Wrong Sphere) and CWE-73 (External Control of File Name or Path). This enables cross-channel local file exfiltration, meaning local files can be read and potentially leaked through a different channel.

Impact Analysis

This vulnerability can lead to unauthorized local file exfiltration within the OpenClaw environment. An attacker who exploits this flaw can cause one channel to read local files by tricking the system into treating malicious shared reply MEDIA references as trusted media.

The impact includes potential exposure of sensitive local files to unauthorized parties, which can compromise confidentiality. The CVSS v4.0 base score of 5.9 indicates a moderate to high severity with a high confidentiality impact but no impact on integrity or availability.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.4.8 or later, where the issue has been fixed.

The vulnerability arises from treating shared reply MEDIA paths as trusted, so applying the patch that corrects this trust model flaw is the recommended immediate action.

Compliance Impact

The vulnerability allows cross-channel local file exfiltration by exploiting the trust model of shared reply MEDIA paths in OpenClaw. This can potentially expose sensitive local files to unauthorized channels.

Such unauthorized exposure of local files could lead to violations of data protection regulations and standards like GDPR or HIPAA, which require strict controls over the confidentiality and integrity of sensitive data.

Therefore, if exploited, this vulnerability may compromise compliance with these regulations by enabling unauthorized access and disclosure of protected information.
