Description
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, `skills.status` could disclose secrets to `operator.read` clients by returning raw resolved config values in `configChecks` for skill `requires.config` paths. Version 2026.2.14 stops including raw resolved config values in requirement checks (return only `{ path, satisfied }`) and narrows the Discord skill requirement to the token key. In addition to upgrading, users should rotate any Discord tokens that may have been exposed to read-scoped clients.
Published: 2026-02-19
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Information Disclosure
Action: Upgrade
AI Analysis

Impact

The vulnerability arises in OpenClaw's skills.status endpoint, which returned raw resolved configuration values for skill `requires.config` paths in its `configChecks` output. This disclosure leaks secrets to any client holding the operator.read scope, revealing sensitive data such as tokens and other configuration settings. The flaw is a classic information-leak weakness (CWE-200) and directly threatens the confidentiality of system configuration.
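The following JavaScript is an added illustration, not OpenClaw's source code: it reconstructs, from the advisory text alone, the two `configChecks` shapes (a leaky one that echoes the resolved value, and the hardened `{ path, satisfied }` shape) and adds a defender-side check that scans a status response for leaked config values. The config object, the `channels.discord.token` path and all function names are constructed assumptions.

```javascript
// Added illustration (not OpenClaw's source): how a skills.status-style
// "configChecks" list leaks secrets when it echoes resolved config values,
// and the { path, satisfied } shape that avoids it.

// Constructed sample config with a secret at channels.discord.token.
const SAMPLE_CONFIG = {
  channels: {
    discord: { token: "CONSTRUCTED-DISCORD-TOKEN-do-not-use", guildId: "123456" },
  },
  model: { provider: "local" },
};

// Resolve a dotted path such as "channels.discord.token" against a config object.
function resolvePath(config, path) {
  return path.split(".").reduce(
    (node, key) => (node !== null && typeof node === "object" ? node[key] : undefined),
    config,
  );
}

// Leaky variant: mirrors the pre-2026.2.14 behaviour described in the advisory,
// where each requirement check carried the raw resolved value. A requirement
// path that names an object (e.g. "channels.discord") leaks the whole subtree.
function buildConfigChecksLeaky(config, requiredPaths) {
  return requiredPaths.map((path) => {
    const value = resolvePath(config, path);
    return { path, satisfied: value !== undefined, value };
  });
}

// Hardened variant: returns only { path, satisfied }, as the fixed release does.
function buildConfigChecks(config, requiredPaths) {
  return requiredPaths.map((path) => ({
    path,
    satisfied: resolvePath(config, path) !== undefined,
  }));
}

// Collect every string leaf in the config; these are the values a read-scoped
// response must never contain.
function collectStringLeaves(node, out = []) {
  if (typeof node === "string") {
    out.push(node);
  } else if (node !== null && typeof node === "object") {
    Object.values(node).forEach((v) => collectStringLeaves(v, out));
  }
  return out;
}

// Defender-side check: does a serialized status response contain any config
// value, and does any configChecks entry carry keys beyond path/satisfied?
function findLeaks(response, config) {
  const serialized = JSON.stringify(response);
  const leakedValues = collectStringLeaves(config).filter((v) => serialized.includes(v));
  const extraKeys = (response.configChecks || []).flatMap((c) =>
    Object.keys(c).filter((k) => k !== "path" && k !== "satisfied"),
  );
  return { leakedValues, extraKeys };
}

function demo() {
  // Before: a broad requirement on the discord subtree, checked with the leaky builder.
  const before = { configChecks: buildConfigChecksLeaky(SAMPLE_CONFIG, ["channels.discord"]) };
  // After: requirement narrowed to the token key, checked with the hardened builder.
  const after = { configChecks: buildConfigChecks(SAMPLE_CONFIG, ["channels.discord.token"]) };
  return { before: findLeaks(before, SAMPLE_CONFIG), after: findLeaks(after, SAMPLE_CONFIG) };
}

console.log(JSON.stringify(demo(), null, 2));
```

Running the block prints the leak report for both shapes: the "before" response exposes the token and guild id and carries an extra `value` key, while the "after" response exposes nothing. The `findLeaks` helper is the kind of check a test suite can run against any read-scoped endpoint to catch a regression of this class.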

Affected Systems

Versions of OpenClaw released before 2026.2.14 are affected. Users running any OpenClaw instance older than the 2026.2.14 release should verify their installed version and update it.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate severity, but the EPSS score of less than 1% suggests exploitation is unlikely. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the attack requires an attacker who can access an operator.read client or forge such a request to the skills.status endpoint. Once such access is obtained, the attacker may retrieve configuration secrets unintentionally exposed by the API.

Generated by OpenCVE AI on April 17, 2026 at 17:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw version 2026.2.14 or later, which removes raw configuration data from the status response.
  • Rotate any Discord tokens that may have been exposed by the vulnerability; the updated release also narrows the Discord skill requirement to the token key.
  • Review operator.read permissions to ensure that only trusted clients can invoke the skills.status endpoint and consider tightening access controls.
  • Monitor logs for unusual or repeated calls to skills.status and investigate any unexpected secret disclosures.


Tracking


Advisories
Source: GitHub GHSA
ID: GHSA-8mh7-phf8-xgfm
Title: OpenClaw skills.status could leak secrets to operator.read clients
History

Mon, 23 Feb 2026 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


Fri, 20 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 20 Feb 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared: Openclaw; Openclaw openclaw
Vendors & Products: Openclaw; Openclaw openclaw

Thu, 19 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description OpenClaw is a personal AI assistant. Prior to version 2026.2.14, `skills.status` could disclose secrets to `operator.read` clients by returning raw resolved config values in `configChecks` for skill `requires.config` paths. Version 2026.2.14 stops including raw resolved config values in requirement checks (return only `{ path, satisfied }`) and narrows the Discord skill requirement to the token key. In addition to upgrading, users should rotate any Discord tokens that may have been exposed to read-scoped clients.
Title OpenClaw skills.status could leak secrets to operator.read clients
Weaknesses CWE-200
References
Metrics cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-20T15:39:29.706Z

Reserved: 2026-02-13T16:27:51.808Z

Link: CVE-2026-26326

Vulnrichment

Updated: 2026-02-20T15:27:17.228Z

NVD

Status : Analyzed

Published: 2026-02-19T23:16:25.950

Modified: 2026-02-23T13:46:15.530

Link: CVE-2026-26326

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T18:00:12Z

Weaknesses