CVE-2026-32970

Published: Mar 31, 2026 Last Modified: Mar 31, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 2,0

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

LOW 2,5

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: none

Availability: none

Description

AI Translation Available

OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are treated as unset, allowing fallback to remote credentials in local mode. Attackers can exploit misconfigured local auth references to cause CLI and helper paths to select incorrect credential sources, potentially bypassing intended local authentication boundaries.

636

Not Failing Securely ('Failing Open')

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism

Applicable Platforms

Technologies: Not Technology-Specific, ICS/OT

View CWE Details

https://github.com/openclaw/openclaw/security/advisories/GH…

https://github.com/openclaw/openclaw/security/advisories/GHSA-qvr7-g57c-mrc7

https://www.vulncheck.com/advisories/openclaw-credential-fa…

https://www.vulncheck.com/advisories/openclaw-credential-fallback-logic-bypass-…

CVE-2026-32970

Description

Not Failing Securely ('Failing Open')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter