CVE-2026-43533
Undergoing Analysis Undergoing Analysis - In Progress
Arbitrary File Read in OpenClaw QQBot Media Tags

Publication date: 2026-05-05

Last updated on: 2026-05-07

Assigner: VulnCheck

Description
OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended media storage boundary. Attackers can craft malicious reply text containing media tags to disclose arbitrary local files through outbound media handling.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-05
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-05-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43533
EUVD
EUVD-2026-27277
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.4.10 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-43533 is an arbitrary file read vulnerability in OpenClaw versions before 2026.4.10. It occurs in the QQBot media tags feature, where attackers can craft malicious reply text containing media tags that reference local file paths outside the intended media storage boundary. This allows attackers to read arbitrary local files on the host system through outbound media handling.

Compliance Impact

The vulnerability allows attackers to read arbitrary local files outside the intended media storage boundary, potentially leading to unauthorized disclosure of sensitive or personal data.

Such unauthorized data disclosure could impact compliance with data protection regulations like GDPR or HIPAA, which require strict controls over access to personal and sensitive information.

If exploited, this vulnerability might result in breaches of confidentiality obligations mandated by these standards, thereby increasing legal and regulatory risks for affected organizations.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive local files on the host system. Attackers exploiting this issue can access files outside the designated media storage area, potentially exposing confidential information or system files. This can compromise the security and privacy of the affected system.

Mitigation Strategies

To mitigate the arbitrary file read vulnerability in OpenClaw's QQBot media tags, you should upgrade your OpenClaw installation to version 2026.4.10 or later.

The vulnerability is fixed in version 2026.4.10 and all subsequent releases, including the latest 2026.4.14.

This update enforces media storage boundaries and prevents outbound media tags from referencing host-local paths outside the intended directory.

Detection Guidance

This vulnerability involves arbitrary local file reads via QQBot media tags in OpenClaw versions before 2026.4.10. Detection would involve monitoring for suspicious outbound media tags referencing local file paths outside the intended media storage boundary.

Since the vulnerability is triggered by crafted reply text containing malicious media tags, one approach is to inspect logs or network traffic for outbound media requests or replies that include unusual or unexpected local file paths.

There are no specific detection commands provided in the available resources. However, general detection steps could include:

  • Review application logs for outbound media tag usage or errors related to file path access.
  • Use network monitoring tools (e.g., tcpdump, Wireshark) to capture outbound traffic and filter for media-related requests that reference local file paths.
  • Search for suspicious reply text containing media tags with path traversal patterns (e.g., '../') in logs or intercepted messages.

To mitigate detection complexity, upgrading OpenClaw to version 2026.4.10 or later is strongly recommended, as the vulnerability is fixed in these versions.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43533. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart