Key information summary

Vulnerability overview
CVE ID: CVE-2026-26329
Severity: High
Vulnerability type: Path Traversal

Affected versions
Affected versions: =2026.2.14

Vulnerability description
Authenticated attackers can read arbitrary files from the Gateway host by supplying absolute paths or path traversal sequences to the browser tool's action. The server passed these paths to Playwright's APIs without restricting them to a safe root. The severity remains High because of the impact (arbitrary local file read on the Gateway host), even though exploitation requires authenticated access.

Exploitation conditions
- Reach the Gateway HTTP surface.
- Present valid Gateway authentication.
- Have the tool permitted by tool policy.

Vulnerability details
Entry point: - with - (browser control hook)
When the upload paths are not validated, Playwright reads the referenced files from the local filesystem and attaches them to a page-level . Contents can then be exfiltrated by page JavaScript (e.g. via ) or via agent/browser snapshots.
Impact: Arbitrary local file read on the Gateway host (confidentiality impact).

Remediation
Upload paths are now confined to OpenClaw's temp uploads root ( ) and traversal/escape paths are rejected. This fix was implemented internally; the reporter provided a clear reproduction and impact analysis.

Other information
Fix commit: 3aa94af
Release process note: The patched version is pre-set to 2026.2.14 so that once the npm release is published, the advisory can be published immediately.