GHSA-rwrg-63c8-2784HighCVSS 7.1
OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv...
🔗 CVE IDs covered (1)
📋 Description
OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider credentials. Attackers with lower-trust access to configured input paths can expose sensitive data and credentials that should remain within trusted boundaries.