What are the OpenClaw April 2026 CVEs?

Six HIGH-severity CVEs (CVE-2026-35625, 35629, 35637, 35638, 35668, 35669) were disclosed April 9-10 covering privilege escalation, path traversal, and SSRF in OpenClaw versions before 2026.3.25.

What is CVE-2026-35669 in OpenClaw?

A privilege escalation vulnerability (CVSS 8.8) in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin scope regardless of caller permissions.

What is CVE-2026-35668 OpenClaw path traversal?

A sandbox path traversal vulnerability allowing sandboxed agents to read arbitrary files from other agents workspaces via unnormalized mediaUrl or fileUrl parameter keys.

How to fix OpenClaw April 2026 CVEs?

Upgrade to OpenClaw version 2026.3.25 or later. All six CVEs are patched in that release.

How many OpenClaw instances are vulnerable to privilege escalation?

Security researchers found 135K+ OpenClaw instances exposed to the public internet. Many running versions before 2026.3.25 are vulnerable to these privilege escalation and path traversal attacks.

What is OpenClaw SSRF vulnerability CVE-2026-35629?

A server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs, allowing attackers to redirect requests to internal endpoints.

Are OpenClaw April 2026 CVEs being exploited?

No confirmed exploitation as of April 12, 2026, though proof-of-concept code has been observed for some of the vulnerabilities.

← Back to dashboard

clawsmith.com/signal/openclaw-april-cve-batch-priv-esc-path-traversal-hn

⚠ IssueWide OpenSecurityLive

OpenClaw April CVE Batch Expands: 13+ HIGH-Severity CVEs Including Privilege Escalation, Path Traversal, SSRF

OpenClaw April 2026 CVE batch now includes 35xxx series (CVE-2026-35660 gateway reset bypass CVSS 8.1, CVE-2026-35669 privilege escalation CVSS 8.8, CVE-2026-35629 SSRF CVSS 7.4, CVE-2026-35668 path traversal, CVE-2026-35625 silent privilege escalation to RCE, and more). Combined with earlier 33xxx/34xxx series, the April wave includes 20+ vulnerabilities spanning privilege escalation, SSRF, sandbox escape, and path traversal.

Product Idea from this Signal

A reverse proxy that enforces scope boundaries on OpenClaw gateway plugin routes and normalizes sandbox file paths before forwarding

928 ▲

OpenClaw's gateway plugin HTTP routes have a class of vulnerabilities where authenticated callers can escalate to operator.admin scope regardless of their actual permissions (CVE-2026-35669, CVSS 8.8), and sandboxed agents can read arbitrary files across workspaces through unnormalized path parameters (CVE-2026-35668). With 135K+ OpenClaw instances publicly exposed and six new HIGH-severity CVEs disclosed in April 2026 alone, a standalone reverse proxy that sits in front of the gateway and validates every plugin route call against the caller's granted scopes, while normalizing all file path parameters including mediaUrl and fileUrl aliases, would close these attack vectors without waiting for upstream patches.

SECURITYPROXYOPEN-SOURCEDEVTOOL

CompetitiveView Opportunity →