CVE-2026-41364: OpenClaw Symlink Vulnerability Allows Arbitrary File Write
The National Vulnerability Database reports CVE-2026-41364 in OpenClaw before version 2026.3.31. This is a symlink following vulnerability within the SSH sandbox tar upload functionality. It allows remote attackers to achieve arbitrary file write capabilities.
Attackers can exploit this by crafting and uploading malicious tar archives containing symlinks. These symlinks can then be used to escape the intended sandbox environment and overwrite files on the remote host. The National Vulnerability Database assigns this a CVSS score of 8.1 (HIGH severity).
This isn’t just a theoretical flaw. Symlink following vulnerabilities are a well-worn path for privilege escalation and system compromise. For defenders, this means a direct path to system integrity loss and potential remote code execution if critical files are overwritten. The attacker’s calculus is simple: find a writable location, drop a symlink, and then overwrite a crucial system file to gain control.
What This Means For You
- If your organization utilizes OpenClaw, you need to immediately verify your version. Patch to OpenClaw 2026.3.31 or later without delay. Review SSH server logs for any unusual tar archive uploads or unexpected file modifications, especially within sandbox directories, as this could indicate attempted or successful exploitation.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-41364: OpenClaw SSH Sandbox Tar Upload Symlink Exploit
title: CVE-2026-41364: OpenClaw SSH Sandbox Tar Upload Symlink Exploit
id: scw-2026-04-28-ai-1
status: experimental
level: critical
description: |
Detects the creation of symlinks within the OpenClaw SSH sandbox that target critical system files like /etc/passwd, /etc/shadow, or /etc/sudoers. This is a direct indicator of the CVE-2026-41364 vulnerability being exploited to write arbitrary files on the remote host.
author: SCW Feed Engine (AI-generated)
date: 2026-04-28
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-41364/
tags:
- attack.execution
- attack.t1570
logsource:
category: file_event
detection:
selection:
TargetFilename|contains:
- '/etc/passwd'
- '/etc/shadow'
- '/etc/sudoers'
EventType:
- 'symlink'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-41364 | Path Traversal | OpenClaw before 2026.3.31 |
| CVE-2026-41364 | Arbitrary File Write | OpenClaw SSH sandbox tar upload symlink following vulnerability |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 03:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-7214: eghuzefa engineer-your-data Path Traversal Vulnerability (High Severity)
CVE-2026-7214 — A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation of...
ef10007 MLOps_MCP Path Traversal (CVE-2026-7213) Publicly Exploitable
CVE-2026-7213 — A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The...
CVE-2026-7212: edvardlindelof notes-mcp Path Traversal Vulnerability
CVE-2026-7212 — A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation...