CVE-2026-35644
MEDIUM
NVD
CVSS Score
6.5
Severity
MEDIUM
Published
Apr 09, 2026
Vendor
unknown
Description
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive authentication information from URL userinfo components.
References
- https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87
- https://github.com/openclaw/openclaw/commit/f0202264d0de7ad345382b9008c5963bcefb01b7
- https://github.com/openclaw/openclaw/security/advisories/GHSA-ppwq-6v66-5m6j
- https://www.vulncheck.com/advisories/openclaw-credential-exposure-via-baseurl-fields-in-gateway-snapshots