PatchSiren cyber security CVE debrief
CVE-2026-53825 OpenClaw CVE debrief
CVE-2026-53825 is a HIGH severity vulnerability in OpenClaw before version 2026.4.7. The vulnerability is an arbitrary file read issue in the memory-wiki ingest feature, allowing authenticated Gateway operators with operator.write scope to read local files outside intended ingest sources. Attackers with operator.write access can specify arbitrary local file paths to import file content into wiki memory, bypassing access restrictions. The CVSS score for this vulnerability is 7.1.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Anyone running OpenClaw before version 2026.4.7, particularly deployments where Gateway operators hold the operator.write scope.
Technical summary
The vulnerability exists in the memory-wiki ingest feature of OpenClaw. Authenticated Gateway operators with operator.write scope can read local files outside intended ingest sources by specifying arbitrary local file paths.
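The class of check that keeps an ingest path inside its intended sources can be sketched in Node.js as follows. This is an added example, not OpenClaw's code or its patch; `resolveIngestPath`, `demo` and the directory layout are hypothetical names constructed for illustration.

```javascript
// Added example: hypothetical helper, not taken from OpenClaw.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Return the real path of `requested` only if, after resolving "..",
// absolute paths and symlinks, it is a regular file under an allowed root.
function resolveIngestPath(requested, allowedRoots) {
  if (typeof requested !== "string" || requested.length === 0 || requested.includes("\0")) {
    throw new Error("invalid ingest path");
  }
  for (const root of allowedRoots) {
    const realRoot = fs.realpathSync(root);
    let real;
    try {
      // An absolute `requested` overrides realRoot here; the check below catches it.
      real = fs.realpathSync(path.resolve(realRoot, requested));
    } catch {
      continue; // nothing exists at that location for this root
    }
    const rel = path.relative(realRoot, real);
    const inside = rel !== "" && rel !== ".." &&
      !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
    if (inside && fs.statSync(real).isFile()) return real;
  }
  throw new Error("ingest path is outside the allowed sources");
}

// Constructed sample layout: one ingest root, one file outside it,
// and a symlink inside the root that points at the outside file.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "ingest-demo-"));
  const root = path.join(base, "sources");
  const outside = path.join(base, "secret.txt");
  fs.mkdirSync(root);
  fs.writeFileSync(path.join(root, "notes.md"), "wiki note");
  fs.writeFileSync(outside, "not an ingest source");
  fs.symlinkSync(outside, path.join(root, "link.md"));
  const requests = ["notes.md", "../secret.txt", outside, "link.md"];
  const allowed = requests.map((p) => {
    try { resolveIngestPath(p, [root]); return true; } catch { return false; }
  });
  fs.rmSync(base, { recursive: true, force: true });
  return allowed;
}
```

A caller should read from the returned real path rather than the string the operator supplied, so that the file checked is the file opened.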
Defensive priority
HIGH
Recommended defensive actions
- Update OpenClaw to version 2026.4.7 or later.
- Restrict operator.write access to only necessary personnel.
- Monitor for suspicious activity in Gateway operator actions.
Evidence notes
The CVE-2026-53825 record was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-53825). Additional details can be found at [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-53825), [ref-4](https://github.com/openclaw/openclaw/security/advisories/GHSA-p2fh-f5fc-44hr), and [ref-5](https://www.vulncheck.com/advisories/openclaw-arbitrary-local-file-read-via-memory-wiki-ingest-with-operator-write-scope).
Official resources
CVE-2026-53825 was published on 2026-06-12T22:16:53.767Z.