Executive Summary

CVE-2026-3691 is an information disclosure vulnerability in the OpenClaw macOS app's OAuth authorization implementation, specifically involving the PKCE (Proof Key for Code Exchange) verifier.

The flaw occurs because the PKCE code_verifier, a secret value that should remain confidential, is improperly exposed by embedding it in the OAuth state parameter, which is transmitted via front-channel URLs during the OAuth authorization flow.

This exposure allows remote attackers to intercept sensitive data, including stored credentials, if the target user initiates the OAuth authorization process.

The vulnerability is limited to the macOS app's beta onboarding flow and does not affect other OpenClaw components like the CLI or gateway onboarding paths.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to the disclosure of stored credentials to remote attackers who intercept the OAuth authorization URL containing the exposed PKCE verifier.

If exploited, attackers could compromise the authentication process, potentially gaining unauthorized access to user accounts or sensitive information.

However, exploitation requires user interaction, as the target must initiate the OAuth authorization flow.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves the exposure of the PKCE code_verifier in the OAuth authorization URL query string during the OAuth authorization flow in the OpenClaw macOS app beta onboarding process.

Detection can focus on monitoring OAuth authorization URL query strings for the presence of sensitive PKCE verifier data, especially in network traffic related to OpenClaw macOS app versions up to 2026.2.24.

Since the vulnerability manifests as sensitive data leakage in front-channel URLs, network traffic capture tools like Wireshark or tcpdump can be used to inspect OAuth authorization requests for suspicious query parameters containing the PKCE code_verifier or state parameter.

Example commands to capture and filter such traffic might include:

• Using tcpdump to capture HTTP traffic on port 80 or HTTPS traffic on port 443 (if decrypted): tcpdump -i <interface> -A 'tcp port 80 or tcp port 443'
• Using Wireshark to filter HTTP requests containing 'state=' or 'code_verifier' in the URL query string.

Additionally, reviewing application logs or OAuth authorization logs for URLs containing the PKCE verifier or state parameter may help detect exploitation attempts.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation is to update the OpenClaw macOS app to version 2026.2.25 or later, where the vulnerability has been fixed by removing the Anthropic OAuth sign-in from the macOS onboarding flow and replacing it with a setup-token-only authentication method.

Until the update can be applied, avoid initiating the OAuth authorization flow in the affected OpenClaw macOS beta onboarding path to prevent exposure of sensitive PKCE verifier data.

Additionally, monitor network traffic and logs for suspicious OAuth authorization URL query strings that may indicate exploitation attempts.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows remote attackers to disclose stored credentials by exposing sensitive data in the OAuth authorization URL query string. This exposure of sensitive authentication information could potentially lead to unauthorized access and compromise of user data.

Such unauthorized disclosure and potential compromise of sensitive credentials may impact compliance with data protection standards and regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches.

However, the provided information does not explicitly discuss the direct impact on compliance with these standards or any regulatory consequences.

Useful 0 Not Useful 0