GHSA-x9cf-3w63-rpq9
Severity: HIGH (CVSS 8.0) | Published: Mar 3, 2026 | Verified by: gemini-3.1-flash-lite-preview
Description
OpenClaw vulnerable to sensitive file disclosure via stageSandboxMedia
How AI Introduced This
The application failed to validate file paths when accessing attachments, allowing an attacker to read arbitrary files on the system by providing malicious paths.
Causality Analysis
Status: CONFIRMED (commit 8d74578ceb0c)
- Vulnerability: Path Traversal
- Root Cause: The application failed to validate file paths when accessing attachments, allowing an attacker to read arbitrary files on the system by providing malicious paths.
- Pattern: Accessing file paths for attachments without validating them against a restricted set of allowed root directories.
- Causal Chain: The blamed commit added the logic to extract and map multiple attachment paths into the application state without checking whether those paths were confined to allowed directories, directly enabling the path traversal vulnerability.
- Reasoning: The blamed commit introduced the logic that processes and exposes attachment paths (mediaPaths) without any validation. This created the vulnerable pattern in which arbitrary file paths supplied in attachments were accepted and used by the application; the fix commit subsequently addressed it by adding path validation.
Verified by gemini-3.1-flash-lite-preview
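The pattern and fix described above (attachment paths accepted as-is versus paths validated against an allow-list of root directories), as an added TypeScript example that is not OpenClaw's code: an unchecked staging step of the kind the advisory describes, beside a hardened version that keeps only paths resolving strictly inside an allowed root. The function names, the allowed roots and the sample attachment list are constructed for illustration; POSIX path semantics are used explicitly because the iMessage attachment store lives on macOS.

```typescript
import * as path from "node:path";

// Constructed allow-list for this example: the only directories an
// attachment may legitimately be read from. A real deployment would take
// these from configuration, not hard-code them.
export const ALLOWED_ROOTS = [
  "/Users/demo/Library/Messages/Attachments",
  "/tmp/openclaw-media",
];

// Constructed sample of what an attachment list might carry once an
// attacker controls the stored path: one honest path, one traversal,
// one absolute path outside every root, one honest path under the second
// root, the root directory itself, and a path with an embedded NUL byte.
export const SAMPLE_MEDIA_PATHS = [
  "/Users/demo/Library/Messages/Attachments/ab/11/photo.heic",
  "/Users/demo/Library/Messages/Attachments/ab/11/../../../../../.ssh/id_ed25519",
  "/etc/passwd",
  "/tmp/openclaw-media/clip.mov",
  "/tmp/openclaw-media",
  "/tmp/openclaw-media/x\0.png",
];

// Vulnerable pattern (hypothetical, modelled on the advisory text): every
// path that arrives in the attachment list is normalised and passed on to
// whatever reads the file, so "../" segments are honoured, not rejected.
export function stageMediaUnchecked(mediaPaths: string[]): string[] {
  return mediaPaths.map((m) => path.posix.resolve(m));
}

// Returns the resolved path if `candidate` lies strictly inside one of
// `roots`, otherwise null. Purely lexical: it does not touch the filesystem.
export function resolveUnderRoots(candidate: string, roots: string[]): string | null {
  // An embedded NUL truncates the path at the OS boundary; refuse it outright.
  if (candidate.includes("\0")) return null;
  // Attachment records are expected to carry absolute paths. A relative one
  // would be resolved against the process cwd, which is not a tree we vet.
  if (!path.posix.isAbsolute(candidate)) return null;
  // Collapse "..", "." and duplicate separators before any comparison.
  const resolved = path.posix.resolve(candidate);
  for (const root of roots) {
    const rel = path.posix.relative(path.posix.resolve(root), resolved);
    // Inside the root iff the relative path is non-empty (not the root
    // itself), does not climb out of it, and is not absolute (a different
    // tree). Compare against ".." and "../" so a file named "..foo" is fine.
    const climbsOut = rel === ".." || rel.startsWith("../");
    if (rel !== "" && !climbsOut && !path.posix.isAbsolute(rel)) {
      return resolved;
    }
  }
  return null;
}

// Hardened form: stage only the paths that pass the root check, and report
// the rejects so the caller can log them rather than silently drop them.
export function stageMediaChecked(
  mediaPaths: string[],
  roots: string[] = ALLOWED_ROOTS,
): { accepted: string[]; rejected: string[] } {
  const accepted: string[] = [];
  const rejected: string[] = [];
  for (const raw of mediaPaths) {
    const resolved = resolveUnderRoots(raw, roots);
    if (resolved === null) rejected.push(raw);
    else accepted.push(resolved);
  }
  return { accepted, rejected };
}
```

The check is lexical, so it does not see through symlinks: if a path inside an allowed root can be a symlink to somewhere else, canonicalise both the root and the candidate with fs.realpathSync (after confirming the file exists) and run the same comparison on the canonical forms. Whatever reads the file must then open the resolved path returned here, not the original string.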
AI Signal Details
AI Signals in 8d74578
- Claude Code (co-author trailer): Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> (95%)
Bug-Introducing Commits (1)
- 8d74578 [AI] feat: native image injection for vision-capable models
  Author: Tyler Yust, Jan 17, 2026 | File: src/imessage/monitor/monitor-provider.ts | Blame: 90%