OpenClaw Sender Policy Bypass Vulnerability in Host Media Attachment Reads Allowing Unauthorized Local File Disclosure
Vulnerability
A sender policy bypass vulnerability has been identified in OpenClaw versions from 2026.4.9 up to, but not including, 2026.4.10. The flaw resides in the outbound host-media attachment read helper, which reads local files without applying the sender and group authorization checks that apply elsewhere. An attacker who can trigger host-media attachment loading therefore bypasses those boundaries and retrieves any local file readable by the process through the outbound media path. The vulnerability affects deployments that allow host read access and rely on sender or group policies to deny read rights for certain participants.
Impact
Exploitation of this vulnerability can lead to unauthorized disclosure of local files accessible by the OpenClaw process, bypassing intended sender and group authorization boundaries.
Reproduction
To reproduce this vulnerability, send a host-media attachment through a channel whose sender tool policy or group policy denies read access to the sending participant. The attachment load bypasses these restrictions and triggers a host file read, disclosing the referenced local file.
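The following is an added, hypothetical model of the bug class described above, written for this page; it is not OpenClaw's code, and every name in it (Policy, Attachment, load_attachment_vulnerable, load_attachment_fixed, MEDIA_ROOT, the in-memory HOST_FS) is an assumption. It contrasts a media read helper that trusts its caller with one that enforces the sender/group policy itself, confines reads to a media root, and records denied attempts for detection.

```python
"""Hypothetical model of a sender-policy bypass in a host-media read helper.

Added illustration, not OpenClaw's code. Assumes a sender policy that grants
read rights per sender, a group policy that can deny reads for a whole group,
and a single helper through which outbound host-media attachments are loaded.
"""
import posixpath
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Constructed stand-in for the host filesystem (path -> contents); no real
# files are touched and the values are sample data, not real secrets.
HOST_FS = {
    "/srv/media/welcome.png": b"\x89PNG sample bytes",
    "/etc/app.env": b"TOKEN=sample-not-real",
}
MEDIA_ROOT = "/srv/media"  # assumed directory that outbound media may come from

# Audit trail of denied loads: the signal a detection rule would alert on.
AUDIT: List[str] = []


@dataclass
class Policy:
    """Hypothetical sender/group policy: read rights per sender, deny-list per group."""
    sender_allow: Set[str] = field(default_factory=set)
    group_deny: Set[str] = field(default_factory=set)

    def can_read(self, sender: str, group: Optional[str]) -> bool:
        if group is not None and group in self.group_deny:
            return False
        return sender in self.sender_allow


@dataclass
class Attachment:
    path: str                    # host path the outbound message refers to
    sender: str                  # participant who triggered the load
    group: Optional[str] = None  # group the message was sent in, if any


def _read_host_file(path: str) -> bytes:
    if path not in HOST_FS:
        raise FileNotFoundError(path)
    return HOST_FS[path]


def load_attachment_vulnerable(att: Attachment, policy: Policy) -> bytes:
    """Bug pattern: the helper never consults the policy, so any participant
    who can trigger an attachment load reaches the host read."""
    return _read_host_file(att.path)


def load_attachment_fixed(att: Attachment, policy: Policy) -> bytes:
    """Enforce authorization inside the read helper so every code path that
    loads host media passes the same check, then confine the read to MEDIA_ROOT."""
    if not policy.can_read(att.sender, att.group):
        AUDIT.append(f"DENY host-media read sender={att.sender} group={att.group} path={att.path}")
        raise PermissionError(f"{att.sender} may not read host media")
    resolved = posixpath.normpath(att.path)  # collapses '..' segments before the root check
    if resolved != MEDIA_ROOT and not resolved.startswith(MEDIA_ROOT + "/"):
        AUDIT.append(f"DENY outside-root sender={att.sender} path={att.path}")
        raise PermissionError(f"{att.path} is outside {MEDIA_ROOT}")
    return _read_host_file(resolved)


def demo() -> dict:
    """Run both helpers for a sender the policy denies and report what each did."""
    policy = Policy(sender_allow={"alice"}, group_deny={"guests"})
    probe = Attachment(path="/etc/app.env", sender="mallory")
    leaked = load_attachment_vulnerable(probe, policy)  # policy never consulted
    try:
        load_attachment_fixed(probe, policy)
        blocked = False
    except PermissionError:
        blocked = True
    return {"vulnerable_disclosed": leaked, "fixed_blocked": blocked, "audit": list(AUDIT)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The design point is where the check lives: a policy enforced at the channel or tool layer is bypassed by any other entry point that reaches the read helper, so the helper itself has to ask the policy, and the root confinement plus audit line limit and surface whatever slips past the policy layer.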
Remediation
Update to OpenClaw version 2026.4.10 or later, where this vulnerability has been fixed.