CVE-2026-33572
OpenClaw is affected by CVE-2026-33572 prior to version 2026.2.17, where session transcript JSONL files are created with overly broad default permissions. This allows local attackers with access to read transcript contents and potentially extract sensitive information, including secrets from tool...