CVE-2026-43570

GHSA-35mw-5vvr-vrxc MEDIUM
Published May 5, 2026

OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended...


Affected Systems

Package: openclaw
Ecosystem: npm
Vulnerable Range: >= 2026.3.22, < 2026.4.5
Patched: 2026.4.5

4 dependents; 93% patched; ~0d to patch

Do you use openclaw? Installations in the vulnerable range (>= 2026.3.22, < 2026.4.5) are affected.

Severity & Risk

CVSS 3.1: 6.5 / 10
EPSS: 0.0% chance of exploitation in 30 days (higher than 11% of all CVEs)
Exploitation Status: No known exploitation
Sophistication: N/A

Attack Surface

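AV (Attack Vector): Network
AC (Attack Complexity): Low
PR (Privileges Required): None
UI (User Interaction): Required
S (Scope): Unchanged
C (Confidentiality): High
I (Integrity): None
A (Availability): None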

Recommended Action

Patch available

Update openclaw to version 2026.4.5


Frequently Asked Questions

What is CVE-2026-43570?

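CVE-2026-43570 is a symlink traversal vulnerability in OpenClaw's remote marketplace repository path handling. It allows attackers to escape the expected repository root and access files outside the intended repository directory.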

Is CVE-2026-43570 actively exploited?

No confirmed active exploitation of CVE-2026-43570 has been reported, but organizations should still patch proactively.

How to fix CVE-2026-43570?

Update to patched version: openclaw 2026.4.5.

What is the CVSS score for CVE-2026-43570?

CVE-2026-43570 has a CVSS v3.1 base score of 6.5 (MEDIUM). The EPSS exploitation probability is 0.04%.

Technical Details

NVD Description

OpenClaw versions 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Attackers can exploit this by providing crafted symlink paths to access files outside the intended repository directory.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Timeline

Published: May 5, 2026
Last Modified: May 8, 2026
First Seen: May 9, 2026
