DEV Community

CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-53840: Sensitive Header Leakage via Cross-Origin Redirects in OpenClaw MCP Servers


Vulnerability ID: CVE-2026-53840
CVSS Score: 6.0
Published: 2026-06-17

An information disclosure vulnerability exists in OpenClaw before version 2026.5.12. The issue resides in the streamable-http Model Context Protocol (MCP) server integration, where the MCP client automatically forwards operator-configured custom headers when it follows a cross-origin HTTP redirect. If an attacker controls or compromises a configured remote MCP endpoint, they can answer with a redirect to an origin they control, and the client sends the configured headers, including API keys and tenant-routing credentials, to that unauthorized external origin.

TL;DR

OpenClaw versions prior to 2026.5.12 leak configured custom HTTP headers to third-party domains when an MCP server returns a redirect response. Attackers can leverage this behavior to capture sensitive API keys and tokens.
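The check that closes this class of bug is an origin comparison on every redirect hop: operator-configured headers may follow a redirect only while the target stays on the origin of the configured MCP endpoint. The following is an added example, not OpenClaw's code and not the fix shipped in 2026.5.12; the function names, the synchronous fake transport and the sample URLs are all constructed for illustration.

```javascript
// Added example (not OpenClaw's own code). Demonstrates the redirect
// header policy described in the advisory: custom and credential-bearing
// headers are stripped when a redirect leaves the original origin.

// Credential-bearing header names that are never forwarded cross-origin,
// even if the operator did not list them as "custom". Lower-case keys.
const CREDENTIAL_HEADERS = new Set([
  'authorization',
  'proxy-authorization',
  'cookie',
  'x-api-key',
]);

// Origin = scheme + host + port. The WHATWG URL parser normalises default
// ports, so "https://a.example:443/x" and "https://a.example/y" compare equal.
function sameOrigin(fromUrl, toUrl) {
  return new URL(fromUrl).origin === new URL(toUrl).origin;
}

// Compute the headers allowed on the next hop of a redirect chain.
//   headers:           headers sent on the current request
//   customHeaderNames: header names the operator configured by hand
//   fromUrl / toUrl:   current request URL and the Location target
function headersForRedirect(headers, customHeaderNames, fromUrl, toUrl) {
  if (sameOrigin(fromUrl, toUrl)) {
    return { ...headers }; // same origin: everything may be forwarded
  }
  const custom = new Set([...customHeaderNames].map((n) => n.toLowerCase()));
  const allowed = {};
  for (const [name, value] of Object.entries(headers)) {
    const key = name.toLowerCase();
    if (custom.has(key) || CREDENTIAL_HEADERS.has(key)) continue; // dropped
    allowed[name] = value;
  }
  return allowed;
}

// Follow redirects by hand with a synchronous, pluggable transport so the
// policy runs on every hop. A client that lets its HTTP library follow
// redirects automatically never gets this chance, which is the bug.
// transport(url, headers) -> { status, location }
function followWithPolicy(url, headers, customHeaderNames, transport, maxHops = 5) {
  let current = url;
  let currentHeaders = { ...headers };
  for (let hop = 0; hop <= maxHops; hop++) {
    const res = transport(current, currentHeaders);
    if (res.status < 300 || res.status >= 400 || !res.location) return res;
    const next = new URL(res.location, current).toString(); // resolve relative Location
    currentHeaders = headersForRedirect(currentHeaders, customHeaderNames, current, next);
    current = next;
  }
  throw new Error('too many redirects');
}

// Constructed transport: the configured endpoint answers with a redirect to
// a different origin; each origin records whatever headers it receives.
function makeRedirectingTransport() {
  const received = {};
  const transport = (url, headers) => {
    const { origin } = new URL(url);
    received[origin] = { ...headers };
    if (origin === 'https://mcp.example.internal') {
      return { status: 307, location: 'https://other.example/collect' };
    }
    return { status: 200, location: null };
  };
  return { transport, received };
}

// Run the constructed scenario and return, per origin, the headers it saw.
// Expected: the second origin receives only the Accept header.
function demo() {
  const { transport, received } = makeRedirectingTransport();
  const configured = {
    Authorization: 'Bearer EXAMPLE-TOKEN', // constructed placeholder, not a real token
    'X-Tenant': 'acme',                    // operator-configured custom header
    Accept: 'application/json',
  };
  followWithPolicy('https://mcp.example.internal/mcp', configured, ['X-Tenant'], transport);
  return received;
}

console.log(JSON.stringify(demo(), null, 2));
```

Note that the check must run per hop, not once: a same-origin redirect followed by a cross-origin one still has to strip the headers on the second hop, which is why `followWithPolicy` recomputes the allowed set each iteration.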


Technical Details

  • CWE ID: CWE-522: Insufficiently Protected Credentials
  • Attack Vector: Network
  • CVSS v4.0 Base Score: 6.0 (Medium)
  • CVSS v3.1 Base Score: 6.8 (Medium)
  • EPSS Score: 0.00223 (Percentile: 12.73%)
  • Exploit Status: No public PoCs available
  • CISA KEV Status: Not listed

Affected Systems

  • OpenClaw instances utilizing streamable-http Model Context Protocol servers configured with custom headers.
  • openclaw: < 2026.5.12 (Fixed in: 2026.5.12)

Mitigation Strategies

  • Upgrade OpenClaw to version 2026.5.12 or newer to ensure origin validation checks are enforced on redirects.
  • Rotate all custom authentication credentials and API tokens configured as headers for streamable-http MCP servers, since any of them may already have been forwarded to a third-party origin.
  • Audit existing Model Context Protocol configuration paths to verify that only highly trusted endpoints are integrated.

Remediation Steps

  1. Access the host system running OpenClaw and verify the currently installed version using package management tools.
  2. Update the openclaw dependency in your project to version 2026.5.12 using your package manager.
  3. Identify all configured credentials in the mcp.servers configuration file.
  4. Revoke the active tokens on the remote services, generate new secrets, and update the OpenClaw configuration file with the new credentials.
  5. Restart the OpenClaw service to apply the configuration updates and load the patched libraries.
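Step 3 (finding every credential configured under mcp.servers) is easy to get wrong by hand when several servers are configured. The following added audit script is not part of OpenClaw; the configuration shape it reads (mcp.servers, with per-server url, transport and headers keys) and the sample configuration are assumptions for illustration, so adapt the accessor to the real file layout.

```javascript
// Added example, not OpenClaw's own code. Lists every streamable-http MCP
// server that carries custom headers, flags header names that look like
// credentials (candidates for rotation), and flags non-HTTPS endpoints.
// The config shape (mcp.servers -> { url, transport, headers }) is assumed.

// Header names that usually carry a secret. Case-insensitive.
const CREDENTIAL_NAME_PATTERN =
  /^(authorization|proxy-authorization|cookie|x-api-key|.*(token|secret|key|auth).*)$/i;

function auditMcpConfig(config) {
  const servers = (config && config.mcp && config.mcp.servers) || {};
  const findings = [];
  for (const [name, server] of Object.entries(servers)) {
    if (server.transport !== 'streamable-http') continue; // only the affected transport
    const headerNames = Object.keys(server.headers || {});
    if (headerNames.length === 0) continue;               // nothing to leak
    const credentialHeaders = headerNames.filter((h) => CREDENTIAL_NAME_PATTERN.test(h));
    let scheme;
    try {
      scheme = new URL(server.url).protocol.replace(':', '');
    } catch (e) {
      scheme = 'invalid';
    }
    findings.push({
      name,
      url: server.url,
      https: scheme === 'https',
      headerNames,
      credentialHeaders, // rotate these after upgrading
    });
  }
  return findings;
}

// Render findings as one line per server for a quick review.
function formatFindings(findings) {
  return findings.map((f) => {
    const flags = [];
    if (!f.https) flags.push('NOT-HTTPS');
    if (f.credentialHeaders.length) flags.push(`ROTATE:${f.credentialHeaders.join(',')}`);
    return `${f.name} ${f.url} headers=[${f.headerNames.join(',')}] ${flags.join(' ')}`.trim();
  });
}

// Constructed sample configuration; values are placeholders, not real secrets.
const SAMPLE_CONFIG = {
  mcp: {
    servers: {
      search: {
        transport: 'streamable-http',
        url: 'https://mcp.example.internal/mcp',
        headers: { Authorization: 'Bearer EXAMPLE', 'X-Tenant': 'acme' },
      },
      legacy: {
        transport: 'streamable-http',
        url: 'http://legacy.example.internal/mcp',
        headers: { 'X-Api-Key': 'EXAMPLE' },
      },
      public: { transport: 'streamable-http', url: 'https://public.example/mcp' },
      local: { transport: 'stdio', command: 'mcp-local', headers: { Authorization: 'EXAMPLE' } },
    },
  },
};

for (const line of formatFindings(auditMcpConfig(SAMPLE_CONFIG))) console.log(line);
```

On the sample configuration the script reports two servers: `search` (rotate Authorization; X-Tenant is custom but not flagged as a credential) and `legacy` (rotate X-Api-Key, and it is also served over plain HTTP). The `public` server has no custom headers and the `local` server does not use streamable-http, so neither is listed.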
