Duplicate Advisory: OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hr8g-2q7x-3f4w. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON th...

EUVD-2026-25319

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...

CVE-2026-41335 OpenClaw < 2026.3.31 - Information Disclosure via Control UI Bootstrap JSON

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...

CVE-2026-41335

OpenClaw

PT-2026-34766

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the Control UI bootstrap JSON process. An attacker can obtain sensitive information, such as version and assistant agent ID, by accessing the exposed payload...

EUVD-2025-124180

Malicious code in oberon-apex-react-bootstrap-json npm...

EUVD-2025-115991

Malicious code in bootstrap-json-leda-thuban npm...