CVE-2026-42424
Local File Exfiltration via Trusted MEDIA Paths in OpenClaw
Publication date: 2026-04-28
Last updated on: 2026-04-30
Assigner: VulnCheck
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | versions below 2026.4.8 (upper bound exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-42424 is a vulnerability in OpenClaw versions before 2026.4.8 where shared reply MEDIA paths are incorrectly treated as trusted. This flaw allows an attacker to craft malicious shared reply MEDIA references that cause another communication channel within OpenClaw to read local file paths as if they were trusted generated media.
The root cause is a trust model flaw where resources are exposed to an incorrect trust boundary, classified under CWE-668 (Exposure of Resource to Wrong Sphere) and CWE-73 (External Control of File Name or Path). This enables cross-channel local file exfiltration, meaning local files can be read and potentially leaked through a different channel.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized local file exfiltration within the OpenClaw environment. An attacker who exploits this flaw can cause one channel to read local files by tricking the system into treating malicious shared reply MEDIA references as trusted media.
The impact includes potential exposure of sensitive local files to unauthorized parties, which can compromise confidentiality. The CVSS v4.0 base score of 5.9 indicates a moderate to high severity with a high confidentiality impact but no impact on integrity or availability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.4.8 or later, where the issue has been fixed.
The vulnerability arises from treating shared reply MEDIA paths as trusted, so applying the patch that corrects this trust model flaw is the recommended immediate action.
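As an added illustration of the trust boundary the record describes (this is constructed example code, not OpenClaw's own; the MediaRef model, the origin labels and the MEDIA_ROOT directory are assumptions), the check below reads a media reference from disk only when the local pipeline generated it and the resolved path stays under the generated-media directory, so MEDIA paths relayed in a shared reply from another channel are never treated as local files.

```python
import os
from dataclasses import dataclass
from typing import Optional

# Constructed placeholder for the directory that holds locally generated media.
MEDIA_ROOT = "/var/lib/openclaw-demo/generated-media"


@dataclass(frozen=True)
class MediaRef:
    """Hypothetical model of a MEDIA reference as it reaches the file-reading code."""
    path: str
    origin: str  # "generated": produced locally; "shared_reply": relayed from another channel


def _contained_path(path: str, root: str) -> Optional[str]:
    """Resolve path under root (symlinks included) and keep it only if it stays inside root."""
    real_root = os.path.realpath(root)
    candidate = path if os.path.isabs(path) else os.path.join(real_root, path)
    real_path = os.path.realpath(candidate)
    try:
        inside = os.path.commonpath([real_root, real_path]) == real_root
    except ValueError:  # paths on different drives (Windows) share no common prefix
        inside = False
    return real_path if inside else None


def resolve_media_path_vulnerable(ref: MediaRef) -> str:
    """Pre-fix behaviour as the record describes it: any MEDIA path is treated as trusted
    generated media and handed to the filesystem, whichever channel it came from."""
    return os.path.normpath(ref.path)


def resolve_media_path_fixed(ref: MediaRef, root: str = MEDIA_ROOT) -> Optional[str]:
    """Corrected trust model: shared reply references are external input, not local files,
    and even locally generated references must resolve inside the generated-media root."""
    if ref.origin != "generated":
        return None
    return _contained_path(ref.path, root)
```

A channel that receives None should fall back to fetching the media through the channel's own transport rather than opening a local path.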
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows cross-channel local file exfiltration by exploiting the trust model of shared reply MEDIA paths in OpenClaw. This can potentially expose sensitive local files to unauthorized channels.
Such unauthorized exposure of local files could lead to violations of data protection regulations and standards like GDPR or HIPAA, which require strict controls over the confidentiality and integrity of sensitive data.
Therefore, if exploited, this vulnerability may compromise compliance with these regulations by enabling unauthorized access and disclosure of protected information.