PT-2026-28459
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.13 Description The software reads and buffers Telegram webhook request bodies before validating the x-telegram-bot-api-secret-token header. This allows unauthenticated attackers to exhaust server resources by...
GHSA-G2F6-PWVX-R275 OpenClaw accepts unsanitized iMessage attachment paths which allowed SCP remote-path command injection
Summary openclaw versions :. In affected releases, the remote host was normalized but the remote attachment path was not validated for shell metacharacters before being passed to the SCP remote operand. A sender-controlled iMessage attachment filename containing shell metacharacters could therefo...
OpenClaw Telegram webhook request bodies were read before secret validation, enabling unauthenticated resource exhaustion
Summary openclaw versions <= 2026.3.12 read and buffered Telegram webhook request bodies before validating x-telegram-bot-api-secret-token. This let unauthenticated callers force up to the configured webhook body limit of pre-auth body I/O and JSON parse work per request. Affected Packages /...
Insertion of Sensitive Information into Log File
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the fetchRemoteMedia function. An attacker can obtain sensitive bot tokens by triggering Telegram media fetch errors that cause the...
GHSA-XWCJ-HWHF-H378 OpenClaw Telegram media fetch errors exposed bot tokens in logged file URLs
Summary openclaw versions /..., so the resulting error strings could leak bot tokens into logs, console output, or any downstream error surface that rendered the exception text. This issue is in scope under OpenClaw's trust model because the leaked secret is an OpenClaw-operated integration...