OpenClaw versions prior to 2026.3.22 contain a flaw in the service discovery mechanism where TXT metadata supplied via Bonjour and DNS‑SD can influence command‑line interface routing even when the advertised service cannot be resolved. An attacker who can inject malicious discovery metadata may steer the routing logic to propagate traffic to unintended targets, potentially exposing data or allowing the execution of unintended code on those targets. This weakness can be used to affect the confidentiality and integrity of network communications, though it does not grant direct code execution privileges. The Common Weakness Enumeration associated with this issue is CWE‑345, indicating insecure handling of input metadata.

The affected product is OpenClaw OpenClaw running any version earlier than 2026.3.22. Users of this software running those versions are at risk unless they upgrade or apply mitigations.

The CVSS score of 5.1 suggests moderate severity, and there is no publicly known exploit or listing in the CISA Known Exploited Vulnerabilities catalog. Exploitation would likely require an attacker with local or network proximity able to broadcast or otherwise provide forged Bonjour/DNS‑SD TXT records. The attack vector is inferred to be local or network‑based, given the nature of the service discovery protocol. While the exact likelihood of successful exploitation is uncertain without new evidence, the presence of the flaw and its potential impact warrants attention and remediation.