{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3689", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2026-03-07T01:52:31.328Z", "datePublished": "2026-04-11T00:17:24.472Z", "dateUpdated": "2026-04-13T17:40:53.608Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2026-04-11T00:17:24.472Z"}, "title": "OpenClaw Canvas Path Traversal Information Disclosure Vulnerability", "descriptions": [{"lang": "en", "value": "OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the path parameters provided to the canvas gateway endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-29312."}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "versions": [{"version": "openclaw 2026.2.17", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-26-227/", "name": "ZDI-26-227", "tags": ["x_research-advisory"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jq4x-98m3-ggq6", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2026-03-07T01:52:31.425Z", "datePublic": "2026-03-30T13:21:37.939Z", "source": {"lang": "en", "value": "Peter Girnus (@gothburz) and Project AESIR of TrendAI Zero Day Initiative"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-13T17:40:45.001478Z", "id": "CVE-2026-3689", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T17:40:53.608Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3689", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T17:40:45.001478Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T17:40:49.965Z"}}], "cna": {"title": "OpenClaw Canvas Path Traversal Information Disclosure Vulnerability", "source": {"lang": "en", "value": "Peter Girnus (@gothburz) and Project AESIR of TrendAI Zero Day Initiative"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "OpenClaw", "product": "OpenClaw", "versions": [{"status": "affected", "version": "openclaw 2026.2.17"}], "defaultStatus": "unknown"}], "datePublic": "2026-03-30T13:21:37.939Z", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-26-227/", "name": "ZDI-26-227", "tags": ["x_research-advisory"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jq4x-98m3-ggq6", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2026-03-07T01:52:31.425Z", "descriptions": [{"lang": "en", "value": "OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the path parameters provided to the canvas gateway endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-29312."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2026-04-11T00:17:24.472Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3689", "state": "PUBLISHED", "dateUpdated": "2026-04-13T17:40:53.608Z", "dateReserved": "2026-03-07T01:52:31.328Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2026-04-11T00:17:24.472Z", "assignerShortName": "zdi"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the path parameters provided to the canvas gateway endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-29312."}], "id": "CVE-2026-3689", "lastModified": "2026-04-13T15:02:06.187", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}, "published": "2026-04-11T01:16:15.837", "references": [{"source": "zdi-disclosures@trendmicro.com", "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jq4x-98m3-ggq6"}, {"source": "zdi-disclosures@trendmicro.com", "url": "https://www.zerodayinitiative.com/advisories/ZDI-26-227/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "zdi-disclosures@trendmicro.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "2026.2.17"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenClaw", "source": "cna", "vendor": "OpenClaw"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-04-11T02:23:51.835089+00:00", "value": {"mitigation_remediation": ["Update OpenClaw to the latest released version or apply vendor\u2011published patch.", "Restrict access to the canvas gateway endpoint by limiting authentication to trusted users or roles.", "If a patch is unavailable, consider disabling the canvas gateway feature or enforcing strict path validation.", "Monitor application logs for anomalous path traversal attempts and unauthorized file access."], "summary": {"action": "Apply Patch", "impact": "Remote Information Disclosure"}, "threat_synthesis": {"affected_systems": "OpenClaw installations are affected; no specific product versions are listed, so all deployed releases of OpenClaw may be vulnerable unless patched.", "description_and_impact": "The vulnerability allows authenticated attackers to read sensitive files on the server by manipulating path parameters to the canvas gateway endpoint. Because the system lacks proper validation of user\u2011supplied paths, it is possible to traverse directories and access files accessible to the service account. The primary impact is the disclosure of confidential information, such as configuration files or credentials, rather than execution of arbitrary code or denial of service.", "risk_and_exploitability": "The CVSS score is 6.5, indicating medium severity. The EPSS score is not available, so the likelihood of exploitation cannot be quantified from the data. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires valid authentication, so an attacker must first gain legitimate access or credential compromise. Once authenticated, path traversal can be used to retrieve sensitive files, presenting a moderate overall risk."}}}}, "created": "2026-04-13T12:42:07.078214+00:00", "updated": "2026-04-13T12:56:51.918431+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$openclaw"]}