CVE-2026-33572 in OpenClaw信息

摘要 (英语)

OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output.

负责

VulnCheck

预定

2026-03-23

披露

2026-03-29

条目

已发布	基础	临时	漏洞	CWE	产品	可利用	对策	EPSS	CTI	CVE
2026-03-29	6.8	6.7	OpenClaw JSONL Local Privilege Escalation	378	Artificial Intelligence Software	未定义	官方修复	0.00000	6.25	CVE-2026-33572

显示更多

描述
更改
网络威胁情报
API/JSON

◂ 上一步一览下一步 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!