4 matches found
OpenClaw: `session_status` still bypasses configured `tools.sessions.visibility` for unsandboxed invocations
Summary sessionstatus still bypasses configured tools.sessions.visibility for unsandboxed invocations Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real on shipped v2026.3.22: non-sandboxed sessionstatus skipped the shared visibility guard, but this is a...
OpenClaw: Self-Whitelisting in appendLocalMediaParentRoots Allows Arbitrary File Read & Credential Exfiltration
Summary Media Local Roots Self-Whitelisting in appendLocalMediaParentRoots Allows Model-Initiated Arbitrary Host File Read and Credential Exfiltration Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: v2026.3.28 still self-whitelists media parent dirs in...
GHSA-68V4-HMWV-F43H OpenClaw: Media download follows cross-origin redirects with Authorization headers intact
Summary Media download follows cross-origin redirects with Authorization headers intact Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Shipped v2026.3.28 media downloads forwarded Authorization across cross-origin redirects, a real in-scope credential-leak...
OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get
Summary OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: v2026.3.28 still models Nostr privateKey as plain string so config views can expose it, and the secret-schema f...