CVE-2026-44996 - OpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio Embedding
CVE ID :CVE-2026-44996 Published : May 11, 2026, 6:16 p.m. | 49 minutes ago Description :OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Google says hackers used AI to exploit ‘zero-day’ flaw
- [CYBER] CVE-2026-42871 - WeGIA: Error Handling familiar_docfamiliar
- [CYBER] Google says hacker used Mythos-like AI for zero-day exploit
- [CYBER] CVE-2026-42866 - Tookie: Arbitrary file write via path traversal in -u username / -U userfile output filename
- [CYBER] CVE-2026-42864 - FireFighter: Unauthenticated SSRF in Raid jira_bot endpoint allows IAM credential theft
- [CYBER] CVE-2026-8305 - OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication