CVE-2026-35644 (severity: HIGH)

CVE-2026-35644: OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots

Vendor Openclaw
Product OpenClaw
Weakness CWE-312 · Cleartext storage
Published April 9, 2026
Last update April 10, 2026

CVSS base score

7.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality impact High (VC:H)
Integrity impact None (VI:N)

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

1. Description

OpenClaw before 2026.3.22 contains an information disclosure vulnerability (cleartext storage of credentials, CWE-312). A caller holding only the operator.read scope can read credentials embedded in channel baseUrl and httpUrl fields: the gateway snapshots returned by the config.get and channels.status endpoints include these URLs verbatim, so any secret placed in the URL userinfo component (the user:password@ part before the host) is returned to the caller. The fix in 2026.3.22 addresses the exposure of that userinfo data in snapshot output.

Key dates

2. Disclosure timeline

April 9, 2026 CVE published
April 10, 2026 Record updated