CVE-2026-32061
OpenClaw vulnerable to arbitrary file read via $include directive
Description
## Vulnerability

Path traversal in config `$include` resolution allowed arbitrary local file reads outside the config directory boundary (CWE-22).

### Attack Vectors

1. If an attacker can modify OpenClaw config, they can set `$include` to absolute paths (for example `/etc/passwd`) and read files accessible to the OpenClaw process.
2. If an attacker can modify OpenClaw config, they can use traversal paths (for example `../../...`) to escape the config directory.
3. If an attacker can create symlinks inside the config directory, they can point includes to external files unless real-path checks are enforced.
4. Impact scope is bounded by the file permissions of the OpenClaw runtime user; this is not an unauthenticated remote-only vector by itself.

## Impact

A successful exploit can expose local secrets and credentials readable by the OpenClaw process user, including API keys and private config material.

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Vulnerable versions: `<=2026.2.15`
- Patched versions: `>=2026.2.17`

## Fix Commit(s)

- `d1c00dbb7c64a39e205464dae7f2a068420e91c1`

## Release Process Note

Patched version is pre-set to `2026.2.17`. Once npm release `2026.2.17` is available, this advisory is ready to publish.

OpenClaw thanks @aether-ai-agent for reporting.
How to fix CVE-2026-32061
To remediate CVE-2026-32061, upgrade the affected package to a fixed version below.
- `openclaw` (npm): upgrade to 2026.2.17 or later
Is CVE-2026-32061 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- `openclaw` (npm): all versions from 0 up to, but not including, 2026.2.17