Openclaw · Openclaw · CVE-2026-53856
**Name of the Vulnerable Software and Affected Versions**
OpenClaw version 2026.4.23
**Description**
An insecure file permissions issue exists in the config recovery process that restores the `OpenClaw.json` file with overly broad permissions. Local attackers on shared hosts can exploit the recovery path to read sensitive configuration data from the restored file.
**Recommendations**
Update to version 2026.4.24.
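The advisory does not show the recovery code, so the following is an added example, not OpenClaw's own code. It shows a check for group/other permission bits on a restored config file and a restore routine that creates the file as 0600 before it becomes visible at its final path. The function names, the temporary directory and the sample file contents are assumptions constructed for the demonstration, and the umask-dependent write in `demo()` is a stand-in for any restore that leaves the mode to process defaults.

```python
import os
import stat
import tempfile

PRIVATE_MODE = 0o600  # owner read/write only


def exposed_bits(path):
    """Return the group/other permission bits set on path (0 means private)."""
    return stat.S_IMODE(os.stat(path).st_mode) & (stat.S_IRWXG | stat.S_IRWXO)


def restore_private(path, data):
    """Write data to path via a 0600 temp file and an atomic rename."""
    directory = os.path.dirname(os.path.abspath(path))
    # mkstemp creates the file with mode 0600 and O_EXCL, regardless of umask.
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".restore-")
    try:
        os.fchmod(fd, PRIVATE_MODE)  # explicit, so the mode never depends on defaults
        with os.fdopen(fd, "wb") as handle:
            handle.write(data)
            handle.flush()
            os.fsync(handle.fileno())
        os.replace(tmp, path)  # destination now refers to the 0600 file
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def demo():
    """Constructed scenario: a config restored under a permissive umask."""
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "OpenClaw.json")
    old_umask = os.umask(0o022)
    try:
        with open(path, "wb") as handle:  # mode left to the umask: 0644
            handle.write(b'{"token": "constructed-sample"}')
        before = exposed_bits(path)
        restore_private(path, b'{"token": "constructed-sample"}')
        return before, exposed_bits(path), stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    print([oct(value) for value in demo()])
```

On a shared host, a nonzero result from `exposed_bits` on the real config file after a recovery indicates the file should be tightened and any secrets it held rotated.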