What happened
NVD published a medium-severity (CVSS 6.5) credential-leak/authorization-scope issue where OpenClaw's MCP SSE transport forwards sensitive Authorization headers to redirect targets.
Why it matters
Forwarding auth headers on redirect is a classic SSRF/credential-leak pattern; in an MCP context this could let a malicious or compromised MCP server endpoint capture the operator's authorization token via a redirect, impacting confidentiality depending on the operator's configuration.
Attack vector
When the affected feature is enabled and reachable, OpenClaw could forward Authorization headers during MCP SSE (Server-Sent Events) redirects, allowing a lower-trust caller or configured input path to execute or persist actions beyond the caller's intended authorization scope.
Affected systems
OpenClaw before 2026.6.5
Mitigation
Upgrade to OpenClaw 2026.6.5 or later per GHSA-9c3v-684m-579c; avoid enabling MCP SSE redirect-following where not required.