


Perceptive Security
SOC/SIEM Consultancy

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Atta…
Published:
20 April 2026 at 22:00:00
Alert date:
21 April 2026 at 07:08:02
Source:
nvd.nist.gov
Enterprise Applications
CVE-2026-41296 affects OpenClaw versions before 2026.3.31. The readFile function of the remote filesystem bridge contains a time-of-check-time-of-use (TOCTOU) race condition: the path is validated first and the file is read afterwards, and nothing ties the read to the object that passed the check. An attacker who can change what the path refers to in that window gets the bridge to read a file the check would have rejected, escaping the sandbox and reading arbitrary files on the system. The vulnerability is fixed in OpenClaw 2026.3.31 and later; the fixing commit and the GitHub security advisory (GHSA-9p3r-hh9g-5cmg) are linked below.
Technical details
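The check-then-use pattern the description refers to, beside a hardened alternative, as an added illustration that is not OpenClaw's code and does not reproduce the actual vulnerable function. The directory layout, file names and helper functions below are constructed for the example. The vulnerable reader validates the resolved path and then reopens the file by name, so a symlink swapped in during the window is followed; the hardened reader opens each path component with O_NOFOLLOW relative to the sandbox directory descriptor and reads from the descriptor it opened, so a swap before the open is rejected and a swap after the open reads the original inode.

```python
import os
import tempfile

# Constructed layout for this example (not OpenClaw's layout):
#   <tmp>/sandbox/notes.txt   file the sandbox is allowed to read
#   <tmp>/secret.txt          file outside the sandbox that must never be returned
INSIDE = b"inside sandbox\n"
SECRET = b"TOP SECRET\n"


def make_layout():
    base = tempfile.mkdtemp()
    root = os.path.join(base, "sandbox")
    os.mkdir(root)
    with open(os.path.join(root, "notes.txt"), "wb") as f:
        f.write(INSIDE)
    secret = os.path.join(base, "secret.txt")
    with open(secret, "wb") as f:
        f.write(SECRET)
    return root, secret


def swap_for_symlink(path, target):
    """Stands in for the attacker winning the race: the validated file is
    replaced by a symlink pointing outside the sandbox."""
    os.unlink(path)
    os.symlink(target, path)


def read_file_vulnerable(root, rel, race=None):
    """Check-then-use: validate the resolved path, then reopen by name.
    `race`, if given, runs in the window between the check and the open."""
    root_real = os.path.realpath(root)
    full = os.path.join(root, rel)
    resolved = os.path.realpath(full)
    if resolved != root_real and not resolved.startswith(root_real + os.sep):
        raise PermissionError("path resolves outside the sandbox")
    if race:
        race(full)
    with open(full, "rb") as f:  # follows whatever `full` points at *now*
        return f.read()


def read_file_hardened(root, rel, race=None, race_after_open=None):
    """Open every component with O_NOFOLLOW relative to the sandbox directory
    descriptor, then read from the descriptor that was actually opened.
    The two hooks mark the race windows before and after the open."""
    if os.path.isabs(rel):
        raise PermissionError("absolute paths are not allowed")
    parts = [p for p in rel.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise PermissionError("empty path or parent traversal")
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC
    if race:
        race(os.path.join(root, rel))
    # The sandbox root itself is trusted configuration, so resolving it is fine.
    dirfd = os.open(os.path.realpath(root), flags | os.O_DIRECTORY)
    try:
        for part in parts[:-1]:
            nxt = os.open(part, flags | os.O_DIRECTORY, dir_fd=dirfd)
            os.close(dirfd)
            dirfd = nxt
        fd = os.open(parts[-1], flags, dir_fd=dirfd)
    except OSError as e:  # ELOOP when a symlink sits where a file or dir was expected
        raise PermissionError(f"cannot open {rel!r} without following a symlink") from e
    finally:
        os.close(dirfd)
    with os.fdopen(fd, "rb") as f:
        if race_after_open:
            race_after_open(os.path.join(root, rel))
        return f.read()  # reads the inode we opened, not the directory entry


def run_demo():
    """Runs both readers normally and with the attacker winning the race."""
    results = {}
    root, secret = make_layout()
    results["vuln_normal"] = read_file_vulnerable(root, "notes.txt")
    results["hard_normal"] = read_file_hardened(root, "notes.txt")
    for name, fn in (("vuln", read_file_vulnerable), ("hard", read_file_hardened)):
        try:
            fn(root, "../secret.txt")
            results[name + "_traversal"] = "allowed"
        except PermissionError:
            results[name + "_traversal"] = "rejected"
    root, secret = make_layout()
    results["vuln_raced"] = read_file_vulnerable(
        root, "notes.txt", race=lambda p: swap_for_symlink(p, secret))
    root, secret = make_layout()
    try:
        read_file_hardened(root, "notes.txt", race=lambda p: swap_for_symlink(p, secret))
        results["hard_raced"] = "allowed"
    except PermissionError:
        results["hard_raced"] = "rejected"
    root, secret = make_layout()
    results["hard_raced_after_open"] = read_file_hardened(
        root, "notes.txt", race_after_open=lambda p: swap_for_symlink(p, secret))
    return results


if __name__ == "__main__":
    print(run_demo())
```

Both readers reject a plain `../secret.txt` traversal; only the vulnerable one returns the secret once the attacker swaps the entry between check and open. The hardened version relies on Linux semantics (O_NOFOLLOW, dir_fd, reads on an unlinked inode), which is the usual way to close this class of race.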
Mitigation steps:
Upgrade OpenClaw to version 2026.3.31 or later. Until the upgrade is applied, assume the remote filesystem bridge can read files outside its sandbox and restrict who can reach it.
Affected products:
OpenClaw
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-41296
https://github.com/openclaw/openclaw/commit/121870a08583033ed6a0ed73d9ffea32991252bb
https://github.com/openclaw/openclaw/security/advisories/GHSA-9p3r-hh9g-5cmg
https://www.vulncheck.com/advisories/openclaw-sandbox-escape-via-toctou-race-in-remote-fs-bridge-readfile
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
