4 matches found
CVE-2026-43528 OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases
OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig and runtimeConfig alias fields. Attackers with config read access can exploit this to obtain provider API keys, gateway authentication...
CVE-2026-43528
OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig and runtimeConfig alias fields. Attackers with config read access can exploit this to obtain provider API keys, gateway authentication...
CVE-2026-43528
OpenClaw, prior to version 2026.4.14, is affected by a redaction bypass vulnerability that lets authenticated gateway clients read unredacted secrets via the sourceConfig and runtimeConfig aliases. Attackers with config read access can obtain sensitive material such as provider API keys, gateway ...
CVE-2026-43528 OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases
OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig and runtimeConfig alias fields. Attackers with config read access can exploit this to obtain provider API keys, gateway authentication...