CVE-2026-33574 — OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer that validates the tools root lexically but reuses the mutable path during archive download and copy o — CVE Database · The Intelligence Room