CVE-2026-33572 in OpenClaw
요약 (영어)
OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output.
책임이 있는
VulnCheck
예약하다
2026. 03. 23.
공개
2026. 03. 29.
엔트리
| 게시됨 | 기본 | 임시 | 취약성 | CWE | 제품 | 악용 | 대책 | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026. 03. 29. | 6.8 | 6.7 | OpenClaw JSONL Local Privilege Escalation | 378 | Artificial Intelligence Software | 정의되지 않음 | 공식 수정 | 0.00000 | 6.45 | CVE-2026-33572 |