GHSA-xwcj-hwhf-h378
OpenClaw Telegram media fetch errors exposed bot tokens in logged file URLs
Details
### Summary `openclaw` versions `<= 2026.3.12` could include raw Telegram bot tokens in media fetch error strings when inbound Telegram media downloads failed.
### Affected Packages / Versions - Package: `openclaw` (`npm`) - Affected versions: `<= 2026.3.12` - Fixed version: `2026.3.13`
### Details The vulnerable path was `fetchRemoteMedia()` in `src/media/fetch.ts`. In affected releases, fetch and HTTP error paths embedded the original Telegram file URL into `MediaFetchError` messages. For Telegram media, those URLs can include `/file/bot<TOKEN>/...`, so the resulting error strings could leak bot tokens into logs, console output, or any downstream error surface that rendered the exception text.
This issue is in scope under OpenClaw's trust model because the leaked secret is an OpenClaw-operated integration credential, not a user-supplied third-party secret.
### Fix `openclaw@2026.3.13` redacts sensitive media URLs before constructing fetch error messages. Current code routes the source URL and follow-on error paths through `redactMediaUrl()` / `redactSensitiveText()`, so Telegram bot tokens are no longer emitted in those error strings.
Regression coverage exists in `src/media/fetch.test.ts` (`redacts Telegram bot tokens from fetch failure messages` and `redacts Telegram bot tokens from HTTP error messages`).
### Fix Commit(s) - `7a53eb7ea8295b08be137e231c9a98c1a79b5cd5`
Thanks @space08 for reporting.
Are you affected?
Enter the version of the package you're using.