EUVD-2026-29158

🗓️ 11 May 2026 18:31:47Reported by EUVDType

OpenClaw vulnerability allows remote improper authentication via handleBlueBubblesWebhookRequest; upgrade to 2026.2.12.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-8305	11 May 202616:30	–	attackerkb
Circl	CVE-2026-8305	11 May 202619:25	–	circl
CNNVD	OpenClaw 授权问题漏洞	11 May 202600:00	–	cnnvd
CVE	CVE-2026-8305	11 May 202616:30	–	cve
Cvelist	CVE-2026-8305 OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication	11 May 202616:30	–	cvelist
NVD	CVE-2026-8305	11 May 202618:16	–	nvd
Positive Technologies	PT-2026-39703	11 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-8305	5 Jun 202619:24	–	redhatcve
Snyk	Improper Authentication	11 May 202618:11	–	snyk
Snyk	Improper Authentication	11 May 202618:11	–	snyk

[
  {
    "enisaIdVendor": [
      {
        "id": "1db93f40-2fad-3620-b4a5-f8f8c4b00a83",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "002f81b0-88cb-3803-be00-2236844ed60d",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.17"
      },
      {
        "id": "023cf604-b8c3-3713-bac2-55e11b570747",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.22"
      },
      {
        "id": "153d73f1-3d4f-3726-bbf3-bf0b9a38d277",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.7"
      },
      {
        "id": "283debe4-2de6-3037-ab15-2ca64c57d649",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.23"
      },
      {
        "id": "292877c6-6bb0-339c-a0c4-c01deaac8369",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.5"
      },
      {
        "id": "2cabc586-33e1-3753-9905-8698851a4e53",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.12"
      },
      {
        "id": "35a146a9-a592-3b5b-b11a-128118172a5c",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.11"
      },
      {
        "id": "35ef51f5-40e1-3ff2-a642-fd1d36dd7a13",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.3"
      },
      {
        "id": "39204a33-079e-3e96-8577-51361515b946",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.4"
      },
      {
        "id": "3d18f515-5368-36ab-97d8-765d8a944f32",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": ""
      },
      {
        "id": "3e458e91-25c1-3d10-8a8e-8e2154814539",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.6"
      },
      {
        "id": "45f4dbcc-c2ca-314f-bbdf-798653e12c73",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.21"
      },
      {
        "id": "501b18bd-6519-391d-aba1-e267eff9b579",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.10"
      },
      {
        "id": "5931b83f-35a7-344c-89d9-d02bc8579bb6",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.14"
      },
      {
        "id": "70be84c8-cfaf-37a9-a71a-99d8828d95a0",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.20"
      },
      {
        "id": "aa5d6402-de6f-3cd9-87a2-4e333a3d512b",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.2"
      },
      {
        "id": "ba367b9c-394b-34d4-bc57-82a5485ebec8",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.9"
      },
      {
        "id": "c460887b-8b29-3c32-90f4-39d6686a6280",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.16"
      },
      {
        "id": "c462861d-f25b-3fe5-bf34-76071682a8fa",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.18"
      },
      {
        "id": "cad9b52c-bd1c-301b-8117-ced472b88727",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.8"
      },
      {
        "id": "ce44d72c-5817-31a5-80d5-0329cb55d36f",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.19"
      },
      {
        "id": "d89d26fc-4ca1-3d89-b462-150cebae4b3e",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.1"
      },
      {
        "id": "e0f15460-b4a7-3982-a2da-f7ddf43c80df",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.0"
      },
      {
        "id": "e2cb9e17-989a-3d77-ba03-5be50caef048",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.15"
      },
      {
        "id": "e8facea3-7d99-34fa-b021-f52c0e31b5c2",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.24"
      },
      {
        "id": "f095c4b6-30e2-390d-94be-3bd9094d1853",
        "product": {
          "name": "OpenClaw"
        },
        "product_version": "2026.1.13"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/362590
vuldb	www.vuldb.com/vuln/362590/cti
vuldb	www.vuldb.com/submit/809371
github	www.github.com/openclaw/openclaw/issues/13786
github	www.github.com/openclaw/openclaw/pull/13787
github	www.github.com/Dave-gilmore-aus/security-advisories/blob/main/ClawdBot(aka%20OpenClaw)-Auth-Bypass-SSRF
github	www.github.com/openclaw/openclaw/commit/a6653be0265f1f02b9de46c06f52ea7c81a836e6
github	www.github.com/openclaw/openclaw/releases/tag/v2026.2.12
github	www.github.com/openclaw/openclaw/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-8305

11 May 2026 18:31Current

6.8Medium risk

Vulners AI Score6.8

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.00636

SSVC