PocketClawAI security alerts
Sign in
vulnerabilityhigh · CVSS 7.4open

CVE-2026-25898

OpenClaw — credential leak via verbose error logs

Timeline
Disclosed2026-04-22Patch availableOpen2026-05-03

Each rust dot is a disclosed event in this advisory's life: when it was published, when (if ever) a patch shipped and where things stand today (the dashed line). Ghosted dots are events that haven't happened yet.

Summary

Verbose error logging in OpenClaw 2026.4.0–2026.4.5 includes API keys when an HTTP 401 is returned by the LLM provider. Logs are written to stdout and may be exfiltrated by any process with read access to the OpenClaw container.

Details

CVE IDCVE-2026-25898
Severityhigh (7.4)
CVSS vectorAV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Published2026-04-22
Patchednot yet
Affected versions2026.4.0 – 2026.4.5
Fixed in2026.4.6
Exploited in the wildno known exploitation

Affected AI agents

OpenClaw
Are you running OpenClaw?Paste your docker-compose.yml or requirements.txt and we'll tell you in 10 seconds whether CVE-2026-25898 hits your stack.
Scan my AI stack →

What to do

  • If you run an affected version: upgrade to 2026.4.6 immediately. Do not delay this for convenience reasons.
  • Rotate any credentials that may have been exposed via the affected component.
  • Audit your logs for indicators of exploitation — unexpected outbound traffic, anomalous tool calls, unfamiliar authenticated sessions.
  • If exploitation is confirmed, treat the host as compromised: rebuild from a clean image, rotate every secret on the host, audit lateral movement.

Sources

Are you affected?

Type the version you have installed. We check it against 2026.4.0 – 2026.4.5.

This is a best-effort check. When in doubt, upgrade to 2026.4.6.

Related AI CVEs

See also: all AI CVEs, AI agents tracker, scan your AI stack, Pro alerts, methodology.