AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

GHSA-chf7-jq6g-qrwv: OpenClaw: Telegram bot token exposure via logs

mediumvulnerability

security

Source: GitHub Advisory DatabaseFebruary 18, 2026CVE-2026-27003

Summary

OpenClaw, an npm package, had a vulnerability where Telegram bot tokens (the credentials used to access Telegram's bot API) could leak into logs and error messages because the package didn't hide them when logging. An attacker who obtained a leaked token could impersonate the bot and take control of its API access.

Solution / Mitigation

Upgrade to openclaw >= 2026.2.15 when released. Additionally, rotate the Telegram bot token if it may have been exposed.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack Type

PII Leakage

Attack SophisticationTrivial

Impact (CIA+S)

confidentialityintegrity

Affected Vendors

Affected Packages

openclaw@< 2026.2.15 (fixed: 2026.2.15)

Related Issues

medium

CVE-2026-2589: The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure

Similar attackNVD/CVE Database

high

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

First tracked: February 18, 2026 at 07:00 PM

Classified by LLM (prompt v3) · confidence: 75%