A vulnerability described as problematic has been identified in OpenClaw up to 2026.3.1 . Impacted is an unknown function of the component ZIP Extraction . Executing a manipulation can lead to time-of-check time-of-use. The identification of this vulnerability is CVE-2026-27670 . The attack can only be executed locally. There is no exploit available. Upgrading the affected component is recommended.