CVE-2026-41363 | OpenClaw up to 2026.3.24 Feishu Extension upload_image path traversal (GHSA-qf48-qfv4-jjm9)

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability has been found in OpenClaw up to 2026.3.24 and classified as critical. This vulnerability affects the function upload_image of the component Feishu Extension. Performing a manipulation results in path traversal.

This vulnerability is identified as CVE-2026-41363. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-41363 | OpenClaw up to 2026.3.24 Feishu Extension upload_image path traversal (GHSA-qf48-qfv4-jjm9)

Post correlati

CVE-2025-8107 | OB OceanBase Server prior 3.2.4.9/4.2.1.10/4.2.5/4.3.3.2/4.3.4 exposure of resource

CVE-2024-6613 | Mozilla Firefox up to 127.x iFrame Iterator infinite loop

CVE-2025-20026 | Intel PROSet Wireless WiFi Software 21.10/21.40 on Windows out-of-bounds (intel-sa-01270)

CVE-2024-48307 | JeecgBoot 3.7.1 getTotalData sql injection