CVE-2026-32846 — OpenClaw before 2026.3.28 contains a path traversal vulnerability in media parsing that allows attackers to read arbitrary files by bypassing path validation in the isLikelyLocalPath() and isValidMedi — CVE Database · The Intelligence Room