Back to overview

CVE-2026-62211

MEDIUM
5.0
CVSS 3.1
Description
OpenClaw versions before 2026.6.1 contain a credential redaction bypass vulnerability in the trajectory export feature that allows lower-trust callers to access data that should remain within trusted boundaries. Attackers can exploit misconfigured input paths or feature accessibility to expose sensitive credentials and data through the export mechanism.

Metadata

CVE ID
CVE-2026-62211
State
PUBLISHED
Assigner
VulnCheck
Reserved
2026-07-13 16:39 UTC
Published
2026-07-17 00:06 UTC
Last updated
2026-07-17 00:06 UTC
Primary CWE
CWE-532
Insertion of Sensitive Information into Log File
Vendor / Product
OpenClaw / OpenClaw
Sources
cve.org  ·  NVD

Severity & Metrics

5.0 MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Affected products (1)
VendorProductPlatformVersions
OpenClaw OpenClaw 0 < 2026.6.1, 2026.6.1
Weakness (CWE)
CWESourceDescription
CWE-532 cna Insertion of Sensitive Information into Log File
CVSS scores (2)
ScoreSeverityVersionSourceVector
5.0 MEDIUM 3.1 cna CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
4.1 MEDIUM 4.0 cna CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
References (2)
Back to overview