Time-of-Check/Time-of-Use Race Condition in OpenClaw by OpenClaw
CVE-2026-44112

8.4HIGH

Key Information:

Vendor

Openclaw

Status
Openclaw
Vendor
CVE Published:
6 May 2026

Badges

๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2026-44112?

OpenClaw versions prior to 2026.4.22 exhibit a vulnerability characterized by a time-of-check/time-of-use race condition within the OpenShell sandbox filesystem mechanisms. This flaw allows malicious actors to exploit symlink swaps during filesystem operations, potentially enabling unauthorized write access outside of the predefined mount root. By bypassing sandbox restrictions through this weakness, attackers can manipulate filesystem writes, leading to potential data exposure or integrity compromises.

Affected Version(s)

OpenClaw 0 < 2026.4.22

OpenClaw 2026.4.22

News Articles

favicon imageEsecurity Planet

OpenClaw Vulnerabilities Could Enable Full AI Agent Takeover | eSecurity Planet

Cyera disclosed four OpenClaw flaws that could enable AI agent compromise and privilege escalation.

3 weeks ago

favicon imageThe Hacker News

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence

Claw Chain flaws in OpenClaw 2026.4.22 enable data theft, privilege escalation, and persistence when chained.

3 weeks ago

References

https://github.com/openclaw/openclaw/security/advisories/...
vendor-advisory
https://github.com/openclaw/openclaw/commit/7be82d4fd1193...
patch
https://www.vulncheck.com/advisories/openclaw-symlink-swa...
third-party-advisory

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

Credit

vladimir tokarev (@VladimirEliTokarev)
.