High severity · CVSS 7.7 (NVD Advisory) · Published May 6, 2026 · Updated May 13, 2026
CVE-2026-44113
Description
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use (TOCTOU) race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. An attacker who can swap a path component for a symlink between the bridge's path check and the file operation that follows it can bypass the sandbox restriction and read file contents the mount root was meant to exclude.
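To make the race concrete, the following constructed example shows the vulnerable check-then-open pattern beside a hardened variant that opens each path component relative to a held directory descriptor with O_NOFOLLOW, so nothing is re-resolved from a string after validation. This is added illustrative code, not OpenClaw's implementation or its fix; the functions (`racy_read`, `safe_read`), the directory layout and the `during_window` hook that stands in for the attacker's symlink swap are all hypothetical.

```python
"""Constructed illustration of a check-then-use race in a filesystem bridge.
Not OpenClaw's code: functions, layout and the swap hook are hypothetical."""
import errno
import os
import shutil
import stat
import tempfile
from typing import Callable, Optional

Hook = Optional[Callable[[], None]]


class SandboxViolation(Exception):
    """Raised when a request would read outside the mount root."""


def racy_read(mount_root: str, rel_path: str, during_window: Hook = None) -> bytes:
    """Vulnerable pattern: resolve and check the path, then open it by name.
    open() makes the kernel resolve the string a second time, so a symlink
    swapped in after the check (simulated by during_window) redirects the read."""
    root = os.path.realpath(mount_root)
    target = os.path.realpath(os.path.join(root, rel_path))
    if os.path.commonpath([root, target]) != root:
        raise SandboxViolation(f"{rel_path!r} resolves outside {root}")
    if during_window:
        during_window()                      # attacker wins the race here
    with open(os.path.join(root, rel_path), "rb") as f:   # re-resolved, symlinks followed
        return f.read()


def safe_read(mount_root: str, rel_path: str, during_window: Hook = None) -> bytes:
    """Hardened pattern: walk the components with openat() relative to the previous
    directory descriptor, refusing symlinks at every step, and check the file type
    on the opened handle rather than on the name."""
    parts = [p for p in rel_path.split("/") if p not in ("", ".")]
    if rel_path.startswith("/") or not parts or ".." in parts:
        raise SandboxViolation(f"{rel_path!r} is not a plain relative path")
    if during_window:
        during_window()                      # same race window, now harmless
    dir_fd = os.open(mount_root, os.O_RDONLY | os.O_DIRECTORY)
    fd = -1
    try:
        for comp in parts[:-1]:
            nxt = _openat_nofollow(dir_fd, comp, os.O_RDONLY | os.O_DIRECTORY)
            os.close(dir_fd)
            dir_fd = nxt
        fd = _openat_nofollow(dir_fd, parts[-1], os.O_RDONLY)
        if not stat.S_ISREG(os.fstat(fd).st_mode):   # fstat on the handle, not the path
            raise SandboxViolation(f"{rel_path!r} is not a regular file")
        with os.fdopen(fd, "rb") as f:
            fd = -1                          # fdopen now owns the descriptor
            return f.read()
    finally:
        os.close(dir_fd)
        if fd != -1:
            os.close(fd)


def _openat_nofollow(dir_fd: int, name: str, flags: int) -> int:
    """openat(dir_fd, name, flags | O_NOFOLLOW). A symlink surfaces as ELOOP on
    Linux and macOS (EMLINK on some BSDs) and is reported as a sandbox violation."""
    try:
        return os.open(name, flags | os.O_NOFOLLOW, dir_fd=dir_fd)
    except OSError as e:
        if e.errno in (errno.ELOOP, errno.EMLINK):
            raise SandboxViolation(f"symlink encountered at {name!r}") from e
        raise


def demo() -> dict:
    """Constructed layout: <tmp>/mount/sub/notes.txt inside the root and
    <tmp>/secret.txt outside it; the 'attacker' replaces notes.txt with a
    symlink to secret.txt inside the race window."""
    base = tempfile.mkdtemp(prefix="toctou-demo-")
    try:
        root = os.path.join(base, "mount")
        os.makedirs(os.path.join(root, "sub"))
        secret = os.path.join(base, "secret.txt")
        victim = os.path.join(root, "sub", "notes.txt")

        def reset() -> None:
            if os.path.lexists(victim):
                os.unlink(victim)            # never write through a leftover symlink
            with open(victim, "wb") as f:
                f.write(b"inside-the-mount")
            with open(secret, "wb") as f:
                f.write(b"outside-the-mount")

        def swap() -> None:                  # the symlink swap
            os.unlink(victim)
            os.symlink(secret, victim)

        results = {}
        reset()
        results["racy"] = racy_read(root, "sub/notes.txt", swap)
        reset()
        results["legit"] = safe_read(root, "sub/notes.txt")
        try:
            safe_read(root, "sub/notes.txt", swap)
            results["safe"] = "read"
        except SandboxViolation:
            results["safe"] = "blocked"
        return results
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    print(demo())  # {'racy': b'outside-the-mount', 'legit': b'inside-the-mount', 'safe': 'blocked'}
```

The hardened walk also refuses legitimate symlinks inside the mount root; a bridge that needs to honour them has to resolve each link target itself against the held descriptor (on Linux, `openat2` with `RESOLVE_BENEATH` does this in the kernel) rather than letting `open()` follow it. Requires a POSIX system with `dir_fd` support for `os.open` (Linux, macOS).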
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| openclaw | npm | < 2026.4.22 | 2026.4.22 |
References
- github.com/openclaw/openclaw/commit/95119017c847c737bd113f0bff728c4666d79c45 (fix commit; NVD tag: Patch)
- github.com/advisories/GHSA-5h3g-6xhh-rg6p (GitHub Advisory Database entry)
- github.com/openclaw/openclaw/security/advisories/GHSA-5h3g-6xhh-rg6p (vendor advisory; NVD tags: Mitigation, Vendor Advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-44113 (NVD entry)
- www.vulncheck.com/advisories/openclaw-time-of-check-time-of-use-race-condition-in-openshell-fs-bridge (VulnCheck; NVD tag: Third Party Advisory)
News mentions
- Patched OpenClaw Flaw Let Hackers Hijack AI Agents · GovInfoSecurity · May 19, 2026
- 'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments · Dark Reading · May 18, 2026
- 'Claw Chain' OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery · SecurityWeek · May 18, 2026
- Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence · The Hacker News · May 15, 2026