CVE-2026-27003
OpenClaw (npm package) is affected by CVE-2026-27003. The vulnerability stems from logging Telegram bot tokens in error messages/stack traces due to insufficient redaction, which can lead to token disclosure. Affected versions are = 2026.2.15 and rotate any bot tokens that may have been exposed. ...