GHSA-rwrg-63c8-2784HighCVSS 7.1

OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv...

Published
July 8, 2026
Last Modified
July 8, 2026

🔗 CVE IDs covered (1)

📋 Description

OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider credentials. Attackers with lower-trust access to configured input paths can expose sensitive data and credentials that should remain within trusted boundaries.

🔗 References (4)