OpenClaw: Unauthorized access to media downloads through redirects

GHSA-68v4-hmwv-f43h
Summary

A security issue in OpenClaw allows unauthorized access to media downloads if an attacker redirects a user to a malicious website. This can happen if the user has previously logged in to OpenClaw and has cookies or an Authorization header stored. Update to the latest version of OpenClaw to fix this issue.

What to do
  • Update openclaw to version 2026.3.31.
Affected software
Vendor / Product: openclaw
Affected versions: <= 2026.3.28
Fix available: 2026.3.31
Original title
OpenClaw: Media download follows cross-origin redirects with Authorization headers intact
Original description
## Summary
Media download follows cross-origin redirects with Authorization headers intact

## Current Maintainer Triage
- Status: open
- Normalized severity: medium
- Assessment: Media downloads in the shipped v2026.3.28 forwarded the Authorization header across cross-origin redirects, a real, in-scope credential-leak class that fits a medium severity.

## Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published npm version: `2026.3.31`
- Vulnerable version range: `<=2026.3.28`
- Patched versions: `>= 2026.3.31`
- First stable tag containing the fix: `v2026.3.31`

## Fix Commit(s)
- `e704323ff388ed21f6963f9b8e0b1b8dfaaabc5f` — 2026-03-31T19:57:42+09:00

OpenClaw thanks @AntAISecurityLab for reporting.
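The class of bug described above is a client that follows a 3xx redirect and replays the original request headers, Authorization included, to whatever origin the Location header names. The following is an added example, not OpenClaw's own code or its fix, of how a media fetcher can follow redirects by hand and drop credential-bearing headers once a hop leaves the original origin; the function names and the injectable `fetchImpl` parameter are this example's own assumptions.

```javascript
// Added illustration (not OpenClaw's code): follow redirects manually and
// strip credential headers when a hop changes origin (CWE-522 mitigation).
const CREDENTIAL_HEADERS = ["authorization", "cookie", "proxy-authorization"];

// Same scheme, host and port => same origin (WHATWG URL origin semantics).
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Headers to send on the next hop: copy everything, but drop credential
// headers once the redirect target is a different origin than the source.
function headersForRedirect(headers, fromUrl, toUrl) {
  const crossOrigin = !sameOrigin(fromUrl, toUrl);
  const next = {};
  for (const [name, value] of Object.entries(headers)) {
    if (crossOrigin && CREDENTIAL_HEADERS.includes(name.toLowerCase())) continue;
    next[name] = value;
  }
  return next;
}

// Download with redirect: "manual" so every Location hop is re-evaluated.
// fetchImpl is injectable (defaults to the global fetch) so the redirect
// handling can be exercised offline with a fake transport.
async function downloadWithSafeRedirects(url, headers, fetchImpl = fetch, maxHops = 5) {
  let current = url;
  let currentHeaders = { ...headers };
  for (let hop = 0; hop <= maxHops; hop++) {
    const res = await fetchImpl(current, { headers: currentHeaders, redirect: "manual" });
    if (res.status < 300 || res.status > 399) return res; // final response
    const location = res.headers.get("location");
    if (!location) return res; // 3xx without Location: nothing to follow
    const target = new URL(location, current).toString(); // relative Location allowed
    currentHeaders = headersForRedirect(currentHeaders, current, target);
    current = target;
  }
  throw new Error("too many redirects");
}
```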
GHSA CVSS 4.0 score: 6.0
Vulnerability type
CWE-522 Insufficiently Protected Credentials
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026