CVE-2026-43533: OpenClaw QQBot Arbitrary File Read Vulnerability Uncovered

The National Vulnerability Database has identified CVE-2026-43533, a critical arbitrary file read vulnerability within OpenClaw’s QQBot media tag functionality. Versions prior to 2026.4.10 are affected. Attackers can exploit this by crafting malicious reply text containing specific media tags, allowing them to reference host-local paths that fall outside the intended media storage boundaries. This mechanism enables the disclosure of arbitrary local files through the QQBot’s outbound media handling.

This vulnerability, rated HIGH with a CVSS score of 8.6, presents a significant risk. Attackers can leverage it without any privileges or user interaction, and the CVSS scope is changed, meaning the impact extends beyond the vulnerable component itself. The ability to read any local file on the host system can lead to severe information disclosure, potentially revealing sensitive configuration data, credentials, or proprietary information.

Defenders should prioritize patching OpenClaw installations to version 2026.4.10 or later immediately. For systems that cannot be patched promptly, consider implementing strict input validation on user-supplied text for QQBot media tags and monitor outbound network traffic for suspicious file access patterns originating from the media handling service. Understanding the attacker’s calculus here is simple: gain access to sensitive data with minimal effort.

What This Means For You

  • If your organization uses OpenClaw's QQBot, verify your version is 2026.4.10 or higher and apply the patch immediately. If patching is delayed, scrutinize logs for unusual file paths being referenced in media tag handling and restrict outbound network connections from the QQBot service to only necessary destinations.

🛡️ Detection Rules

critical T1190 Initial Access

CVE-2026-43533: OpenClaw QQBot Arbitrary File Read via Malicious Media Tag

Sigma YAML
title: 'CVE-2026-43533: OpenClaw QQBot Arbitrary File Read via Malicious Media Tag'
id: scw-2026-05-05-ai-1
status: experimental
level: critical
description: |
  Detects attempts to exploit CVE-2026-43533 by looking for requests to the QQBot media endpoint that include a 'tag=' parameter containing '../' sequences, indicating an attempt to read arbitrary host-local files outside the intended media storage boundary.
author: SCW Feed Engine (AI-generated)
date: 2026-05-05
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-43533/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    cs-uri|contains:
      - '/qqbot/media'
    # Both substrings must be present in the query string. The original
    # repeated the cs-uri-query key, which is a duplicate key in a YAML mapping.
    cs-uri-query|contains|all:
      - 'tag='
      - '../'
  condition: selection
falsepositives:
  - Legitimate administrative activity

Indicators of Compromise

| ID | Type | Indicator |
| --- | --- | --- |
| CVE-2026-43533 | Path Traversal | OpenClaw before 2026.4.10 |
| CVE-2026-43533 | Information Disclosure | OpenClaw before 2026.4.10 |
| CVE-2026-43533 | Arbitrary File Read | QQBot media tags |

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 05, 2026 at 15:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
