High severity 8.1 · NVD Advisory · Published Apr 28, 2026 · Updated May 1, 2026
CVE-2026-41383
Description
OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config paths to cause mirror sync operations to delete unintended remote directory contents and replace them with uploaded workspace data.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| openclaw (npm) | < 2026.4.2 | 2026.4.2 |
References
- github.com/openclaw/openclaw/commit/b21c9840c2e38f4bb338d031511b479d5f07ca25 (nvd; Patch, WEB)
- github.com/advisories/GHSA-m34q-h93w-vg5x (ghsa; ADVISORY)
- github.com/openclaw/openclaw/security/advisories/GHSA-m34q-h93w-vg5x (nvd; Vendor Advisory, WEB)
- www.vulncheck.com/advisories/openclaw-arbitrary-remote-directory-deletion-via-mis-scoped-mirror-mode-paths (nvd; Third Party Advisory)