OpenClaw Session Transcript Files Insufficient Permission Vulnerability

Vulnerability

A vulnerability exists in OpenClaw versions prior to 2026.2.17, where session transcript JSONL files are created with overly broad default permissions. This flaw allows local users to read the contents of these transcript files, which may include sensitive information such as secrets from tool output. The issue arises because the application does not enforce user-only permissions, leaving transcript contents accessible to other local users or processes on the same machine.

Impact

The vulnerability can lead to unauthorized access to session transcript files, allowing local users to read potentially sensitive information, including secrets from tool output.

Reproduction

To reproduce this vulnerability, create a session transcript file in an affected version of OpenClaw (prior to 2026.2.17). The file will be generated with default permissions that do not restrict read access to the file owner alone. Once the file is created, it can be read by other local users or processes, exposing its contents.
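The following Python script is an added example and is not OpenClaw's own code: the page does not show how OpenClaw writes its transcripts, and the directory, file names and record contents used below are constructed for the demonstration. It shows the check a practitioner would run against a transcript directory (flag any JSONL file that group or other users can access, then tighten it) beside the owner-only creation pattern (mode 0o600 applied at open time) that prevents the exposure described above from arising in the first place.

```python
import json
import os
import shutil
import stat
import tempfile
from pathlib import Path

# Permission bits that grant any kind of access to group or other users.
GROUP_OTHER_BITS = stat.S_IRWXG | stat.S_IRWXO


def write_transcript_owner_only(path, records):
    """Create a JSONL transcript that only the owner can read or write.

    Passing mode 0o600 to os.open applies the owner-only mode at creation
    time (a umask can only remove bits, never add them), and O_EXCL refuses
    to reuse a pre-existing file that might already carry a broader mode.
    Returns the resulting permission bits so the caller can verify them.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        for record in records:
            f.write(json.dumps(record) + "\n")
    return stat.S_IMODE(os.stat(path).st_mode)


def audit_transcript_dir(directory, pattern="*.jsonl"):
    """Return (name, octal mode) for every transcript that group/other users can access."""
    exposed = []
    for p in sorted(Path(directory).glob(pattern)):
        mode = stat.S_IMODE(p.stat().st_mode)
        if mode & GROUP_OTHER_BITS:
            exposed.append((p.name, oct(mode)))
    return exposed


def fix_transcript_dir(directory, pattern="*.jsonl"):
    """Tighten every flagged transcript to 0o600 and return the names that were fixed."""
    fixed = []
    for name, _ in audit_transcript_dir(directory, pattern):
        os.chmod(Path(directory) / name, 0o600)
        fixed.append(name)
    return fixed


def demo():
    """Build a temporary transcript directory with one broad and one owner-only file.

    Everything here is constructed: the directory, the file names and the
    record (including the placeholder secret) are not real OpenClaw data.
    """
    d = tempfile.mkdtemp(prefix="transcripts-")
    records = [{"role": "tool", "output": "API_TOKEN=constructed-placeholder"}]

    # Broad file: mimics a transcript written with a default mode such as 0o644.
    broad = Path(d) / "session-broad.jsonl"
    broad.write_text(json.dumps(records[0]) + "\n", encoding="utf-8")
    os.chmod(broad, 0o644)

    # Hardened file: created owner-only from the start.
    safe_mode = write_transcript_owner_only(Path(d) / "session-safe.jsonl", records)

    before = audit_transcript_dir(d)   # expect only session-broad.jsonl
    fixed = fix_transcript_dir(d)      # tighten it
    after = audit_transcript_dir(d)    # expect nothing left exposed
    shutil.rmtree(d)
    return {"safe_mode": safe_mode, "before": before, "fixed": fixed, "after": after}


if __name__ == "__main__":
    print(demo())
```

The modes are POSIX semantics, so the audit is only meaningful on Unix-like hosts; on Windows, ACLs govern access and a different check is needed. Tightening an existing file with chmod closes the window going forward but cannot undo reads that already happened, which is why applying the owner-only mode at creation time, as the fixed release is described as doing, matters more than a later cleanup.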

Remediation

Users can update to OpenClaw version 2026.2.17 or later, where this vulnerability has been fixed. The latest version as of now is 2026.3.13.

Added: Mar 29, 2026, 1:21 PM
Updated: Mar 29, 2026, 1:21 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 3.6
remediation: 0.0
relevance: 4.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.