CVE-2026-44111

May 6, 2026, 9:20 p.m.

2.3
Low

Description

OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memory_get function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown paths to read files outside canonical memory locations or indexed QMD result sets.

Product(s) Impacted

Vendor Product Versions
Openclaw
  • Openclaw
  • <2026.4.15

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-183
Permissive List of Allowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a openclaw openclaw <2026.4.15 / / / / / / /

References

https://github.com/openclaw/openclaw/commit/37d5971db36491d5050efd42c333cbe0b98ed292
https://github.com/openclaw/openclaw/security/advisories/GHSA-f934-5rqf-xx47
https://www.vulncheck.com/advisories/openclaw-arbitrary-markdown-file-read-via-qmd-memory-get

Tags

[email protected]
CWE-183
2026-05-06
CVE-2026-44111

CVSS Score

2.3 / 10

CVSS Data - 4.0

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Attack Requirements: PRESENT
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope:
  • Confidentiality Impact: LOW
  • Integrity Impact: NONE
  • Availability Impact: NONE
  • Exploit Maturity: NOT_DEFINED

    • CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    View Vector String

Timeline

Published: May 6, 2026, 8:16 p.m.
Last Modified: May 6, 2026, 9:20 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.