A vulnerability, which was classified as problematic , was found in OpenClaw . This affects an unknown function of the component Client PKCE Verifier . Such manipulation leads to information disclosure. This vulnerability is referenced as CVE-2026-3691 . It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.