CVE-2026-27004

20.02.2026, 00:16

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, in some shared-agent deployments, OpenClaw session tools (`sessions_list`, `sessions_history`, `sessions_send`) allowed broader session targeting than some operators intended. This is primarily a configuration/visibility-scoping issue in multi-user environments where peers are not equally trusted. In Telegram webhook mode, monitor startup also did not fall back to per-account `webhookSecret` when only the account-level secret was configured. In shared-agent, multi-user, less-trusted environments: session-tool access could expose transcript content across peer sessions. In single-agent or trusted environments, practical impact is limited. In Telegram webhook mode, account-level secret wiring could be missed unless an explicit monitor webhook secret override was provided. Version 2026.2.15 fixes the issue.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
openclaw	openclaw	𝑥 < 2026.2.15

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.

Vulnerability Media Exposure

[GERMAN] OpenClaw: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in OpenClaw ausnutzen, um Informationen offenzulegen und Daten zu manipulieren.
Published: 2026-02-17T23:00:00+00:00

References

https://github.com/openclaw/openclaw/commit/c6c53437f7da033b94a01d492e904974e7bda74c

https://github.com/openclaw/openclaw/security/advisories/GHSA-6hf3-mhgc-cm65