CVE-2026-3691

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability

Assigner: zdi
Reserved: 07.03.2026 Published: 11.04.2026 Updated: 11.04.2026

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization flow.

The specific flaw exists within the implementation of OAuth authorization. The issue results from the exposure of sensitive data in the authorization URL query string. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-29381.

Metrics

CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
CVSS Score: 5.3

Attack Vector	Network	Scope	Unchanged
Attack Complexity	High	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	None
User Interaction	Required	Availability Impact	None

CVSS 3.0

Product Status

Vendor	OpenClaw
Product	OpenClaw
Versions	Default: unknown Version 2026.2.21 is affected

Vendor

OpenClaw

Product

OpenClaw

Versions

Default: unknown

Version 2026.2.21 is affected

References

Problem Types

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE

CVE-2026-3691 PUBLISHED

OpenClaw Client PKCE Verifier Information Disclosure Vulnerability

Metrics

Product Status

References

Problem Types