Vulnerability Description
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an OAuth authorization flow. The specific flaw exists within the implementation of OAuth authorization. The issue results from the exposure of sensitive data in the authorization URL query string. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-29381.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openclaw | Openclaw | < 2026.2.25 |
Related Weaknesses (CWE)
References
- https://github.com/openclaw/openclaw/security/advisories/GHSA-6g25-pc82-vfwpThird Party Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-26-229/Third Party Advisory
FAQ
What is CVE-2026-3691?
CVE-2026-3691 is a vulnerability with a CVSS score of 5.3 (MEDIUM). OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is...
How severe is CVE-2026-3691?
CVE-2026-3691 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-3691?
Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.