Credential Exposure Vulnerability in OpenClaw Media Download Functionality
CVE-2026-41345
6 MEDIUM
What is CVE-2026-41345?
OpenClaw versions prior to 2026.3.31 expose sensitive authorization credentials through the media download functionality. An attacker can craft a malicious cross-origin redirect chain that intercepts authorization headers meant for legitimate requests, posing a significant risk to user security and data integrity.
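The class of flaw described above, as an added Node.js sketch (not OpenClaw's code and not its actual fix): a downloader that follows redirects manually and drops credential headers as soon as a hop leaves the origin the caller originally chose. The names `nextHop` and `downloadMedia`, the header list and the hop limit are assumptions made for illustration.

```javascript
// Added illustration; hypothetical names, not taken from the OpenClaw code base.
const SENSITIVE = ["authorization", "cookie", "proxy-authorization"];

// Compute the URL and headers for the next redirect hop.
// Credential headers survive only while the target keeps the same origin
// (scheme, host and port) as the URL the caller first requested.
function nextHop(trustedOrigin, currentUrl, location, headers) {
  const next = new URL(location, currentUrl); // resolves relative Location values
  if (next.protocol !== "https:" && next.protocol !== "http:") {
    throw new Error(`refusing redirect to ${next.protocol}`);
  }
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    const sensitive = SENSITIVE.includes(name.toLowerCase());
    if (!sensitive || next.origin === trustedOrigin) out[name] = value;
  }
  return { url: next.href, headers: out };
}

// Follow redirects by hand so every hop passes through nextHop().
// Each hop receives the previous hop's (possibly stripped) headers, so a
// credential dropped once is never restored later in the chain.
async function downloadMedia(url, headers, fetchImpl = fetch, maxHops = 5) {
  const trustedOrigin = new URL(url).origin;
  let hop = { url, headers };
  for (let i = 0; i <= maxHops; i++) {
    const res = await fetchImpl(hop.url, { headers: hop.headers, redirect: "manual" });
    const location = res.headers.get("location");
    if (res.status < 300 || res.status >= 400 || !location) return res;
    hop = nextHop(trustedOrigin, hop.url, location, hop.headers);
  }
  throw new Error("too many redirects");
}
```
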
Affected Version(s)
OpenClaw 0 < 2026.3.31
OpenClaw 2026.3.31
