Lucene search
+L

4 matches found

cve
cve
added 2026/03/31 11:17 a.m.9 views

CVE-2026-32982

OpenClaw prior to 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens. When media downloads fail, original Telegram file URLs (containing bot tokens) can be embedded in MediaFetchError strings and leaked to logs and error su...

8.7CVSS5.9AI score0.00418EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/03/31 11:17 a.m.3 views

CVE-2026-32982 OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs

OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original Telegram file URLs containing bot tokens are embedded in MediaFetchError strings and leaked to lo...

8.7CVSS5.9AI score0.00418EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/03/31 12:0 a.m.10 views

OpenClaw 日志信息泄露漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.13 had a log information leakage vulnerability. This vulnerability stemmed from the fetchRemoteMedia function, which had a flaw that could lead to log information being exposed ...

8.7CVSS5.8AI score0.00418EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/31 12:0 a.m.4 views

PT-2026-29234

OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original Telegram file URLs containing bot tokens are embedded in MediaFetchError strings and leaked to lo...

8.7CVSS5.9AI score0.00418EPSS
Exploits0References4
Rows per page
Query Builder