Cleartext transmission of sensitive information in OpenClaw - CVE-2026-40045


Published: April 30, 2026


Vulnerability identifier: #VU128610
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-40045
CWE-ID: CWE-319
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software: OpenClaw

Detailed vulnerability description

The vulnerability allows a remote attacker to disclose stored gateway credentials in plaintext.

The vulnerability exists due to improper transport layer protection in the Android gateway client when it processes forged discovery results or crafted setup codes that direct it to a cleartext remote ws:// gateway endpoint. A remote attacker who supplies such a forged discovery result or crafted setup code can cause the client to send its stored gateway credentials over the unencrypted connection, disclosing them in plaintext.

User interaction is required to follow the forged discovery result or scan the crafted setup code.
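The defensive check that closes this class of bug is to validate every candidate gateway endpoint before any credential leaves the device: a remote endpoint learned from discovery or from a setup code must use wss://, and cleartext ws:// may only be accepted for loopback addresses. The following is an added illustration written for this page, not code from OpenClaw or its Android client; the discovery-result shape (a list of dicts with `name` and `url`), the function names and the port numbers are constructed assumptions.

```python
"""Endpoint validation for untrusted gateway addresses (added example).

A gateway client that accepts an address from an untrusted source (a
discovery result, a scanned setup code) must check the transport before
using stored credentials on it. Cleartext ws:// is only acceptable to a
loopback address; anything remote must be wss://.
"""
import ipaddress
from urllib.parse import urlsplit

# Hostnames treated as local even though they are not IP literals.
LOOPBACK_NAMES = {"localhost"}


def _is_loopback_host(host: str) -> bool:
    """True for 'localhost' and for loopback IPv4/IPv6 literals."""
    if host in LOOPBACK_NAMES:
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # not an IP literal, so a remote DNS name
        return False


def check_gateway_endpoint(url: str) -> tuple[bool, str]:
    """Return (accepted, reason) for a candidate gateway URL.

    Accept wss:// to any host; accept ws:// only to loopback; reject
    everything else. urlsplit lower-cases the hostname and strips IPv6
    brackets, so '[::1]' is compared as '::1'.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "unparseable URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.scheme == "wss":
        return True, "TLS-protected endpoint"
    if parts.scheme == "ws":
        if _is_loopback_host(host):
            return True, "cleartext accepted for loopback only"
        return False, f"cleartext ws:// to remote host {host} rejected"
    return False, f"unsupported scheme {parts.scheme!r}"


def filter_discovery_results(results: list[dict]) -> list[dict]:
    """Keep only discovery entries whose endpoint passes the check.

    The filter runs before any connection is opened, so a rejected entry
    never sees the stored credentials. Entry shape is a constructed
    assumption: {"name": str, "url": str}.
    """
    return [r for r in results if check_gateway_endpoint(r["url"])[0]]


if __name__ == "__main__":
    # Constructed sample discovery results; ports and names are invented.
    sample = [
        {"name": "home-gateway", "url": "wss://gateway.example:8443"},
        {"name": "dev-gateway", "url": "ws://127.0.0.1:8080"},
        {"name": "rogue-ad", "url": "ws://192.0.2.10:8080"},  # forged, cleartext
        {"name": "bad-scheme", "url": "http://gateway.example"},
    ]
    for entry in sample:
        ok, why = check_gateway_endpoint(entry["url"])
        print(f"{entry['name']:<13} {'ACCEPT' if ok else 'REJECT'}  {why}")
    print("usable:", [r["name"] for r in filter_discovery_results(sample)])
```

The same check applies to a setup code once its gateway URL has been extracted: parse first, validate the transport, and only then attempt a connection with stored credentials.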


How to mitigate CVE-2026-40045

Install the security update from the vendor's website.

Sources