{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/openclaw--2026.4.24/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*"],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-53813"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OpenClaw (\u003c= 2026.4.24)"],"_cs_severities":["high"],"_cs_tags":["vulnerability","supply-chain","npm","node.js","openclaw"],"_cs_type":"advisory","_cs_vendors":["OpenClaw"],"content_html":"\u003cp\u003eA high-severity vulnerability, CVE-2026-53813, has been identified in OpenClaw (npm/openclaw package) affecting versions up to and including 2026.4.24. This flaw, dubbed \u0026quot;Fake package roots,\u0026quot; permits a local package root resolution path, influenced by workspace state, to select and load memory-core artifacts from an unintended local location rather than the intended bundled artifact root. The practical impact hinges on the operator's specific configuration and the ability for lower-trust input to reach the vulnerable path. While OpenClaw generally operates on a trusted-operator model, this specific feature, if enabled and reachable, could bypass assumptions about artifact integrity. The issue was disclosed via GHSA on July 2, 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003cp\u003eThe provided source describes a vulnerability rather than a detailed, observed attack chain. Exploitation would likely involve an attacker providing malicious or crafted input to a Gateway operator's workspace, leveraging the \u0026quot;fake package root\u0026quot; vulnerability (CVE-2026-53813) to redirect artifact loading. The exact steps for achieving this depend on the specific configuration and how \u0026quot;lower-trust input\u0026quot; can be introduced into the environment. No specific steps for attacker actions are outlined in the advisory.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-53813 could lead to the loading of arbitrary, unintended memory-core artifacts from a local file path. The actual damage incurred is highly dependent on the operator's environment and the nature of the unintended artifact loaded. If an attacker can inject malicious code via this mechanism, it could result in code execution within the context of the affected OpenClaw process, leading to data compromise, system manipulation, or further network lateral movement.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch OpenClaw (npm/openclaw) to version \u003ccode\u003e2026.4.25\u003c/code\u003e or newer immediately to remediate CVE-2026-53813.\u003c/li\u003e\n\u003cli\u003eAs a mitigation for CVE-2026-53813, run memory-core flows only from trusted workspaces.\u003c/li\u003e\n\u003cli\u003eKeep channel and tool allowlists narrow to restrict potential attack surfaces as recommended in the advisory.\u003c/li\u003e\n\u003cli\u003eAvoid sharing a single OpenClaw Gateway between mutually untrusted users.\u003c/li\u003e\n\u003cli\u003eDisable the affected feature within OpenClaw if it is not explicitly required for operations.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T12:00:51Z","date_published":"2026-07-03T12:00:51Z","id":"https://feed.craftedsignal.io/briefs/2026-07-openclaw-fake-package-roots/","summary":"A high-severity vulnerability, CVE-2026-53813, in npm/openclaw versions \u003c= 2026.4.24 allows fake package roots to influence memory-core artifact loading, potentially leading to the selection and execution of unintended local artifacts based on attacker-controlled or lower-trust input reaching the affected path.","title":"OpenClaw Vulnerability Allows Unintended Artifact Loading (CVE-2026-53813)","url":"https://feed.craftedsignal.io/briefs/2026-07-openclaw-fake-package-roots/"}],"language":"en","title":"CraftedSignal Threat Feed - OpenClaw (\u003c= 2026.4.24)","version":"https://jsonfeed.org/version/1.1"}