Skip to main content

macOS CVE-2026-26327

MEDIUM
Insufficient Verification of Data Authenticity (CWE-345)
2026-02-19 security-advisories@github.com GHSA-pv58-549p-qh99
6.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 22:03 vuln.today
Patch released
Feb 23, 2026 - 13:44 nvd
Patch available
CVE Published
Feb 19, 2026 - 23:16 nvd
MEDIUM 6.5

DescriptionGitHub Advisory

OpenClaw is a personal AI assistant. Discovery beacons (Bonjour/mDNS and DNS-SD) include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs. iOS and macOS used TXT-provided host hints (lanHost/tailnetDns) and ports (gatewayPort) to build the connection URL. iOS and Android allowed the discovery-provided TLS fingerprint (gatewayTlsSha256) to override a previously stored TLS pin. On a shared/untrusted LAN, an attacker could advertise a rogue _openclaw-gw._tcp service. This could cause a client to connect to an attacker-controlled endpoint and/or accept an attacker certificate, potentially exfiltrating Gateway credentials (auth.token / auth.password) during connection. As of time of publication, the iOS and Android apps are alpha/not broadly shipped (no public App Store / Play Store release). Practical impact is primarily limited to developers/testers running those builds, plus any other shipped clients relying on discovery on a shared/untrusted LAN. Version 2026.2.14 fixes the issue. Clients now prefer the resolved service endpoint (SRV + A/AAAA) over TXT-provided routing hints. Discovery-provided fingerprints no longer override stored TLS pins. In iOS/Android, first-time TLS pins require explicit user confirmation (fingerprint shown; no silent TOFU) and discovery-based direct connects are TLS-only. In Android, hostname verification is no longer globally disabled (only bypassed when pinning).

AnalysisAI

OpenClaw's mDNS/Bonjour discovery beacons transmit unauthenticated TXT records that iOS, macOS, and Android clients treat as authoritative for routing and TLS certificate pinning, allowing an attacker on a shared LAN to advertise a rogue service and redirect connections to attacker-controlled endpoints. An attacker can exploit this to bypass TLS pinning validation and potentially capture Gateway credentials through man-in-the-middle attacks. The vulnerability affects OpenClaw versions prior to 2026.2.14 and requires network proximity but no user interaction.

Technical ContextAI

This vulnerability (CWE-345: Insufficient Verification of Data Authenticity) affects Openclaw. OpenClaw is a personal AI assistant. Discovery beacons (Bonjour/mDNS and DNS-SD) include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs. iOS and macOS used TXT-provided host hints (lanHost/tailnetDns) and ports (gatewayPort) to build the connection URL. iOS and Android allowed the discovery-provided TLS fingerprint (`gatew

RemediationAI

A vendor patch is available — apply it immediately.

More in macOS

View all
CVE-2025-34089 CRITICAL POC
9.3 Jul 03

An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility develope

CVE-2023-43000 HIGH POC
8.8 Nov 05

A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability

CVE-2026-20700 HIGH POC
7.8 Feb 11

Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CV

CVE-2024-6387 HIGH POC
8.1 Jul 01

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to

CVE-2023-48795 MEDIUM POC
5.9 Dec 18

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot

CVE-2022-48618 HIGH
7.0 Jan 09

The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev)

CVE-2024-27822 HIGH POC
7.8 May 14

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authent

CVE-2023-22809 HIGH POC
7.8 Jan 18

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen

CVE-2022-46689 HIGH POC
7.0 Dec 15

A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no auth

CVE-2022-32845 CRITICAL POC
10.0 Sep 23

This issue was addressed with improved checks. Rated critical severity (CVSS 10.0), this vulnerability is remotely explo

CVE-2022-32221 CRITICAL POC
9.8 Dec 05

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data t

CVE-2022-32207 CRITICAL POC
9.8 Jul 07

When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the

Share

CVE-2026-26327 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy