GHSA-jq4x-98m3-ggq6: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
highvulnerability
security
Source: GitHub Advisory DatabaseMarch 2, 2026
Summary
OpenClaw's canvas tool contains a path traversal vulnerability (a security flaw that allows reading files outside intended directories) in its `a2ui_push` action. An authenticated attacker can supply any filesystem path to the `jsonlPath` parameter, and the gateway reads the file without validation and forwards its contents to connected nodes, potentially exposing sensitive files like credentials or SSH keys.
Classification
Attack Type
Prompt InjectionData Extraction
Attack SophisticationModerate
Impact (CIA+S)
confidentiality
Affected Vendors
OpenAI
Affected Packages
openclaw@< 2026.2.21 (fixed: 2026.2.21)
Related Issues
Original source: https://github.com/advisories/GHSA-jq4x-98m3-ggq6
First tracked: March 2, 2026 at 07:00 PM
Classified by LLM (prompt v3) · confidence: 92%