Vulnerabilities

Report: CVE-2026-41364 - OpenClaw < 2026.3.31 - Arbitrary File Write via Symlink Following in SSH Sandbox

2026-04-28 0 views admin

CVE ID :CVE-2026-41364 Published : April 27, 2026, 11:24 p.m. | 34 minutes ago Description :OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can exploit this by uploading tar archives containing symlinks to escape the sandbox and overwrite files on the remote host. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-41364

Severity

HIGH

Published

April 27, 2026

🏷️ Tags

report41364openclawarbitrarywritesymlinkfollowingsandboxcvecve-2026-41364

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-41364 - OpenClaw < 2026.3.31 - Arbitrary File Write via Symlink Following in SSH Sandbox

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-7196 - CodeAstro Online Classroom guestdetails sql injection

Report: Ultimate Guide: CVE-2026-7212 - edvardlindelof notes-mcp notes_mcp.py path traversal

Report: Essential Guide: CVE-2026-32649 - Milesight Cameras OS Command Injection

Report: CVE-2026-32644 - Milesight Cameras Use of Hard-coded Cryptographic Key

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting