CVE-2026-62213
Received Received - Intake

Token Leakage in OpenClaw MS Teams Integration

Vulnerability report for CVE-2026-62213, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: VulnCheck

Description

OpenClaw versions before 2026.5.27 contain a token leakage vulnerability in MS Teams outbound requests that allows lower-trust callers to expose Bot Framework tokens. Attackers can access configured input paths to retrieve credentials that should remain within the trusted boundary.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
openclaw openclaw to 2026.5.27 (exc)
microsoft teams *
openclaw msteams to 2026.5.27 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-522 The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-62213 is a token leakage vulnerability in OpenClaw versions before 2026.5.27. It occurs in Microsoft Teams outbound requests where lower-trust callers can access Bot Framework tokens by exploiting configured input paths. This exposes credentials that should remain within trusted boundaries.

Detection Guidance

To detect this vulnerability, inspect network traffic for outbound Microsoft Teams requests from OpenClaw versions before 2026.5.27. Check for exposed Bot Framework tokens in logs or intercepted requests. Monitor for unusual credential exposure in configured input paths.

Impact Analysis

Attackers could retrieve Bot Framework tokens, leading to unauthorized access to sensitive data or systems. The impact depends on configuration and whether lower-trust input can reach the affected feature. Confidentiality is highly affected while integrity and availability remain unchanged.

Compliance Impact

This vulnerability exposes Bot Framework tokens through improperly protected credentials, which could lead to unauthorized access to sensitive data. For GDPR, this may result in violations of data confidentiality and integrity requirements. Under HIPAA, it could compromise protected health information if tokens grant access to such data.

Mitigation Strategies
  • Upgrade OpenClaw to version 2026.5.27 or later to patch the vulnerability.
  • Restrict the affected Microsoft Teams outbound request feature to trusted operators only.
  • Disable the vulnerable feature if it is not required for operations.
  • Implement narrow allowlists and avoid shared Gateways between untrusted users to reduce exposure.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-62213. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart