CVE-2026-33572

HIGH

OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files

Title source: cna
STIX 2.1

Description

OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output.

References (3)

Core 3
Core References
Third Party Advisory vendor-advisory
GitHub Security Advisory (GHSA-vr7j-g7jv-h5mp)
https://github.com/openclaw/openclaw/security/advisories/GHSA-vr7j-g7jv-h5mp
Third Party Advisory third-party-advisory
VulnCheck Advisory: OpenClaw < 2026.2.17 - Insufficient File Permissions in Session Transcript Files
https://www.vulncheck.com/advisories/openclaw-insufficient-file-permissions-in-session-transcript-files

Scores

CVSS v3 8.4
EPSS 0.0012
EPSS Percentile 2.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-378
Status published
Products (4)
npm/openclaw 0 - 2026.2.17npm
OpenClaw/OpenClaw < 2026.2.17
openclaw/openclaw < 2026.2.17
OpenClaw/OpenClaw 2026.2.17
Published Mar 29, 2026
Tracked Since Mar 29, 2026