2 matches found
CVE-2026-35618
OpenClaw OpenClaw package (Plivo V2 verification) vulnerability CVE-2026-35618 affects OpenClaw before 2026.3.23. The replay protection uses a replay key derived from the full verification URL, including query strings, instead of the base canonical URL. This allows an attacker to mint new verifie...
@agentholdings/agent-passport (=0.1.0), @flomesh/ztm-chat (>=2026.3.25 <=2026.3.26) +8 more potentially affected by CVE-2026-35618 via openclaw (>=0.0.1 <=2026.3.23-2)
openclaw NPM version =0.0.1, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =0.0.7, =0.14.6, =0.1.0, =3.3.2, =3.3.7 Source cves: CVE-2026-35618 Source advisory: OSV:GHSA-CG6C-Q2HX-69H7...