HIGHCVE-2026-43528Published 2026-05-05Modified 2026-05-06CNA VulnCheck

CVE-2026-43528: OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases

OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets through sourceConfig and runtimeConfig alias fields. Attackers with config read access can exploit this to obtain provider API keys, gateway authentication material, and channel credentials that should have been redacted.

CVSS v4.0: 7.1
Severity: HIGH
Fixed in: 2026.4.14
Affected Products: 1

Fix available

2026.4.14

Patch commits

Patch Commit

Affected packages

OpenClaw / OpenClaw
< 2026.4.14 (from 0)
Fixed in 2026.4.14

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

References

GitHub Security Advisory (GHSA-8372-7vhw-cm6q)
Patch Commit
VulnCheck Advisory: OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases

Metrics

Fix available