Insufficient verification of data authenticity in OpenClaw - CVE-2026-26327
Published: May 4, 2026
Vulnerability identifier: #VU129468
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-26327
CWE-ID: CWE-345
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw
OpenClaw
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to insufficient verification of data authenticity in discovery TXT record handling when processing unauthenticated Bonjour/mDNS and DNS-SD service advertisements on a shared or untrusted LAN. A remote attacker can advertise a rogue _openclaw-gw._tcp service with crafted TXT records to disclose sensitive information.
This can steer clients to an attacker-controlled endpoint and may cause acceptance of an attacker certificate, potentially exposing Gateway credentials during connection.
How to mitigate CVE-2026-26327
Install security update from vendor's website.