5.3
OpenClaw Client Credentials Exposed Through OAuth Authorization
CVE-2026-3691
Summary
An attacker can obtain stored credentials from affected OpenClaw installations by manipulating an OAuth authorization flow. User interaction is required: the target must initiate the OAuth authorization flow themselves, after which the attacker can access sensitive data. To protect against this, users should review their OAuth authorization processes and consider implementing additional security measures.
Original title
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction...
Original description
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization flow.
The specific flaw exists within the implementation of OAuth authorization. The issue results from the exposure of sensitive data in the authorization URL query string. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-29381.
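The flaw class the description names is the PKCE verifier (or other client secrets) ending up in the authorization URL query string, where it is visible in browser history, referrer headers, proxy logs and anything else that records URLs. The example below is added here as an illustration and is not OpenClaw's code; the endpoint, client id and redirect URI are made-up placeholders. It shows the RFC 7636 design (only the S256 challenge travels in the URL, the verifier stays client-side until the token request) beside a constructed "unsafe" builder that reproduces the defect class, plus a small check a reviewer or log-scanning rule can run over any authorization URL to flag sensitive parameters.

```python
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Parameter names that must never appear in a browser-visible URL.
# Assumed list for this example: code_verifier is the PKCE secret (RFC 7636);
# the others are common bearer/client secrets that belong in request bodies.
SENSITIVE_QUERY_PARAMS = {"code_verifier", "client_secret", "refresh_token", "access_token"}


def make_pkce_pair():
    """Return (code_verifier, code_challenge) using the S256 method of RFC 7636.

    32 random bytes base64url-encoded without padding give a 43-character
    verifier, inside the 43..128 length range the RFC requires.
    """
    verifier = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode("ascii")
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return verifier, challenge


def build_authorization_url(authorize_endpoint, client_id, redirect_uri, state, code_challenge):
    """Hardened form: only the challenge goes in the query string.

    The verifier is retained by the client and sent later in the POST body of
    the token request, never in a URL.
    """
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return f"{authorize_endpoint}?{urlencode(params)}"


def build_authorization_url_unsafe(authorize_endpoint, client_id, redirect_uri, state, code_verifier):
    """Constructed illustration of the CWE-200 defect class: the client-side
    secret is placed in the URL query string. Do not use; kept only so the
    check below has a positive case to flag."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
        "code_verifier": code_verifier,
    }
    return f"{authorize_endpoint}?{urlencode(params)}"


def leaked_params(url):
    """Return the set of sensitive parameter names present in url's query string.

    Usable in code review, in a pre-redirect assertion inside the client, or as
    a detection rule over proxy/web-server access logs.
    """
    query = parse_qs(urlparse(url).query, keep_blank_values=True)
    return SENSITIVE_QUERY_PARAMS & set(query)


def verifier_matches_challenge(verifier, challenge):
    """Authorization-server side: recompute S256(verifier) and compare it in
    constant time against the challenge stored with the authorization request."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    expected = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return secrets.compare_digest(expected, challenge)


if __name__ == "__main__":
    # Placeholder endpoint and client values, not from any real deployment.
    verifier, challenge = make_pkce_pair()
    safe = build_authorization_url("https://idp.example/authorize", "client-id-placeholder",
                                   "https://app.example/callback", secrets.token_urlsafe(16), challenge)
    unsafe = build_authorization_url_unsafe("https://idp.example/authorize", "client-id-placeholder",
                                            "https://app.example/callback", secrets.token_urlsafe(16), verifier)
    print("hardened URL leaks:", leaked_params(safe) or "nothing")
    print("unsafe URL leaks:  ", leaked_params(unsafe))
    print("verifier binds to challenge:", verifier_matches_challenge(verifier, challenge))
```

In the hardened flow, `leaked_params` returns an empty set and the server-side check still succeeds when the verifier arrives in the token request body, which is the property that makes the challenge safe to expose and the verifier not.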
NVD CVSS 3.0: 5.3
Vulnerability type: CWE-200 (Information Exposure)
Published: 11 Apr 2026 · Updated: 11 Apr 2026 · First seen: 11 Apr 2026