CVE-2026-41370 - OpenClaw < 2026.3.31 - Path Traversal via Inbound Channel Attachment Path in ACP Dispatch
CVE ID :CVE-2026-41370 Published : April 27, 2026, 11:24 p.m. | 38 minutes ago Description :OpenClaw before 2026.3.31 contains a path traversal vulnerability in ACP dispatch that allows attackers to read arbitrary files by manipulating inbound channel attachment paths. Remote attackers can byp
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] CVE-2026-7214 - eghuzefa engineer-your-data server.py file_inf path traversal
- [CYBER] CVE-2026-7213 - ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal
- [CYBER] CVE-2026-7211 - dvladimirov MCP Git Search API mcp_server.py GitSearchRequest command injection
- [CYBER] CVE-2026-7206 - dubydu sqlite-mcp entry.py extract_to_json sql injection
- [CYBER] CVE-2026-7205 - duartium papers-mcp-server main.py search_papers path traversal
- [CYBER] CVE-2026-7204 - Totolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injection