Main Vulnerability Database Vulnerabilities #VU132739

Improper access control in OpenClaw - #VU132739

Published: May 29, 2026

Vulnerability identifier: #VU132739

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: OpenClaw

Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper access control in memory-wiki shared search when handling shared memory search requests. A remote user can search shared memory through the affected path to disclose sensitive information.

Only instances with the affected feature enabled and reachable are vulnerable.

Remediation

Install security update from vendor's website.

Sources

https://github.com/openclaw/openclaw/security/advisories/GHSA-72fw-cqh5-f324

Improper access control in OpenClaw - #VU132739

Detailed vulnerability description

Remediation

Sources

Please verify you're human