CVE-2026-43533
Arbitrary File Read in OpenClaw QQBot Media Tags
Publication date: 2026-05-05
Last updated on: 2026-05-05
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | < 2026.4.10 (2026.4.10 itself not affected) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-23 | The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability lets an attacker read arbitrary local files outside the intended media storage directory, which can disclose sensitive or personal data held on the host.
Unauthorized disclosure of that kind bears directly on data protection regimes such as GDPR and HIPAA, which require controlled access to personal and sensitive information.
An exploited instance may therefore amount to a breach of the confidentiality obligations those regimes impose, raising legal and regulatory exposure for the affected organization.
Can you explain this vulnerability to me?
CVE-2026-43533 is an arbitrary file read in OpenClaw versions before 2026.4.10, classified as relative path traversal (CWE-23). The QQBot channel resolves media tags embedded in outbound reply text to files on the host so that it can attach them to the message. Because the resolved path was not confined to the media storage directory, reply text containing a media tag whose path pointed outside that directory (for example by way of ".." segments or an absolute host-local path) caused the channel to read the referenced file and send it. Anyone who can influence the reply text can therefore pull arbitrary readable files off the host through the bot's outbound media handling.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive local files on the host system. Attackers exploiting this issue can access files outside the designated media storage area, potentially exposing confidential information or system files. This can compromise the security and privacy of the affected system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the arbitrary file read vulnerability in OpenClaw's QQBot media tags, you should upgrade your OpenClaw installation to version 2026.4.10 or later.
The vulnerability is fixed in version 2026.4.10 and all subsequent releases, including the latest 2026.4.14.
This update enforces media storage boundaries and prevents outbound media tags from referencing host-local paths outside the intended directory.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves arbitrary local file reads via QQBot media tags in OpenClaw versions before 2026.4.10. Detection would involve monitoring for suspicious outbound media tags referencing local file paths outside the intended media storage boundary.
Since the vulnerability is triggered by crafted reply text containing malicious media tags, one approach is to inspect logs or network traffic for outbound media requests or replies that include unusual or unexpected local file paths.
There are no specific detection commands provided in the available resources. However, general detection steps could include:
- Review application logs for outbound media tag usage or errors related to file path access.
- Network capture (tcpdump, Wireshark) is of limited use here: the bot's traffic to the QQ platform is TLS-encrypted, so the reply text and any file paths inside it are only visible in the bot's own logs or at a TLS-terminating proxy you control.
- Search reply text in logs or intercepted messages for media tags carrying path traversal patterns (e.g., '../') or absolute host paths that do not start with the media storage directory.
Detection is a stopgap, not a fix: upgrade OpenClaw to 2026.4.10 or later, where the media storage boundary is enforced.
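The TypeScript below is an added example written for this page; it is not OpenClaw's code. The media-tag syntax `[media:<ref>]`, the log record field names (`ts`, `channel`, `direction`, `text`), the media root `/var/openclaw/media` and the sample log lines are all assumptions made for illustration. It shows the unconfined resolver shape the explanation above describes next to the boundary check the fix enforces, and then runs that same check over constructed QQBot log records to flag media tags that would have escaped the media directory, which is the detection the answer above describes in prose.

```typescript
import * as path from "node:path";

// Assumed, illustrative tag syntax (not OpenClaw's real one): a reply may carry
// [media:<ref>] and the QQBot channel resolves <ref> against the media root.
const MEDIA_TAG = /\[media:([^\]]+)\]/g;

interface MediaRef { tag: string; ref: string }

function extractMediaTags(replyText: string): MediaRef[] {
  const re = new RegExp(MEDIA_TAG.source, "g"); // fresh instance: no shared lastIndex
  const refs: MediaRef[] = [];
  let m: RegExpExecArray | null;
  while ((m = re.exec(replyText)) !== null) {
    refs.push({ tag: m[0], ref: (m[1] ?? "").trim() });
  }
  return refs;
}

// Vulnerable shape (the pre-2026.4.10 behaviour as the advisory describes it):
// the reference is joined onto the media root with no boundary check, so
// "../../../etc/passwd" or an absolute path resolves outside the directory.
function resolveMediaPathVulnerable(mediaRoot: string, ref: string): string {
  return path.resolve(mediaRoot, ref);
}

// Hardened shape: normalise, then demand a strict prefix match against the media
// root. Appending path.sep to the prefix is what rejects a sibling directory such
// as /var/openclaw/media2. A production check should also realpath both sides so
// a symlink dropped inside the media root cannot point back out of it; that step
// is left out here so the example runs without touching the filesystem.
function resolveMediaPathSafe(mediaRoot: string, ref: string): string | null {
  const root = path.resolve(mediaRoot);
  const resolved = path.resolve(root, ref);
  return resolved.startsWith(root + path.sep) ? resolved : null;
}

interface OutboundMedia { attachments: string[]; rejected: string[] }

// What a patched channel should do with a reply: attach in-bounds files, drop
// and report anything that escapes.
function prepareOutboundMedia(mediaRoot: string, replyText: string): OutboundMedia {
  const out: OutboundMedia = { attachments: [], rejected: [] };
  for (const { ref } of extractMediaTags(replyText)) {
    const resolved = resolveMediaPathSafe(mediaRoot, ref);
    if (resolved === null) out.rejected.push(ref);
    else out.attachments.push(resolved);
  }
  return out;
}

// Detection over message logs. Record shape and field names are assumed for this
// example; map them onto whatever the bot actually writes.
interface LogRecord { ts?: string; channel?: string; direction?: string; text?: string }
interface Finding { ts: string; direction: string; ref: string; wouldResolveTo: string }

function parseRecord(line: string): LogRecord | null {
  try {
    const v: unknown = JSON.parse(line);
    return v !== null && typeof v === "object" ? (v as LogRecord) : null;
  } catch {
    return null; // non-JSON noise is skipped
  }
}

// Flags every qqbot record whose media tags fail the boundary check. Outbound hits
// are tags an unpatched channel would actually have resolved; inbound hits show
// the same pattern arriving from a user and are worth a look as well.
function scanQqbotLog(lines: string[], mediaRoot: string): Finding[] {
  const findings: Finding[] = [];
  for (const line of lines) {
    const rec = parseRecord(line);
    if (!rec || rec.channel !== "qqbot" || !rec.text) continue;
    for (const { ref } of extractMediaTags(rec.text)) {
      if (resolveMediaPathSafe(mediaRoot, ref) === null) {
        findings.push({
          ts: rec.ts ?? "",
          direction: rec.direction ?? "",
          ref,
          wouldResolveTo: resolveMediaPathVulnerable(mediaRoot, ref),
        });
      }
    }
  }
  return findings;
}

// Constructed sample log lines (not real OpenClaw output) and an assumed media root.
const MEDIA_ROOT = "/var/openclaw/media";
const SAMPLE_LOG = [
  '{"ts":"2026-05-01T10:00:00Z","channel":"qqbot","direction":"outbound","text":"Here you go [media:photos/cat.png]"}',
  '{"ts":"2026-05-01T10:00:05Z","channel":"qqbot","direction":"outbound","text":"debug [media:../../../etc/passwd]"}',
  '{"ts":"2026-05-01T10:00:09Z","channel":"qqbot","direction":"outbound","text":"cfg [media:/etc/hosts]"}',
  '{"ts":"2026-05-01T10:00:12Z","channel":"qqbot","direction":"inbound","text":"[media:../../../etc/shadow]"}',
  "not json at all",
];

console.log(JSON.stringify(scanQqbotLog(SAMPLE_LOG, MEDIA_ROOT), null, 2));
```

Feeding the bot's real message records to `scanQqbotLog` is the whole of the detection; the boundary check is the same function the channel should apply before attaching a file, so a hit in the log means a file that would have left the host on an unpatched install. The two details practitioners most often get wrong in the hardened resolver are the trailing separator in the prefix comparison (without it `/var/openclaw/media2` passes) and the missing realpath when symlinks can be created inside the media root.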