Ghostwire

CVE-2026-62213: OpenClaw versions before 2026.5.27 contain a token leakage vulnerability in MS Teams outbound requests that allows...

MEDIUM CVSS 6.5

Published: July 17, 2026 | Last Modified: July 17, 2026

Description

OpenClaw versions before 2026.5.27 contain a token leakage vulnerability in MS Teams outbound requests that allows lower-trust callers to expose Bot Framework tokens. Attackers can access configured input paths to retrieve credentials that should remain within the trusted boundary.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References