CVE Catalog

CVE-2026-53827

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile — higher than 16% of all known CVEs

Summary

OpenClaw before version 2026.5.2 contains a credential exposure vulnerability in message.action forwarding, allowing action payloads with Gateway credentials to be forwarded to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by providing malicious loopback targets through model-controlled action metadata.

Risk Assessment

Organizations may be exposed to the interception of sensitive data, such as Gateway tokens, which could lead to unauthorized access to systems and data. Credential exposure can result in serious security implications.

Recommendation

It is recommended to update OpenClaw to version 2026.5.2 or later to mitigate this vulnerability. Additionally, monitoring and restricting access to action metadata should be implemented to minimize risk.

Original NVD description (English source)

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by providing malicious loopback targets through model-controlled action metadata.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS