Lucene search
+L

268 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/20 11:8 p.m.5 views

CVE-2026-41301

OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairi...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/20 11:8 p.m.37 views

CVE-2026-41301 OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairing State Creation via Signature Verification Bypass

OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairi...

6.9CVSS0.00253EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/20 11:8 p.m.4 views

CVE-2026-41301 OpenClaw 2026.3.22 < 2026.3.31 - Forged Nostr DM Pairing State Creation via Signature Verification Bypass

OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairi...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/17 10:32 p.m.12 views

OpenClaw: Matrix room control-command authorization no longer trusts DM pairing-store entries

Summary Matrix room control-command authorization used the effective allowlist for room traffic, which included sender IDs learned from the Matrix DM pairing store. A sender who was allowed only for a Matrix DM could therefore authorize room control commands when they also posted in a bot room...

8.8CVSS5.6AI score0.00288EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/04/10 5:17 p.m.14 views

CVE-2026-35661

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypas...

6.9CVSS0.00285EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/10 4:3 p.m.3 views

CVE-2026-35661 OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypas...

6.9CVSS5.8AI score0.00285EPSS
Exploits0References3
CVE
CVE
added 2026/04/10 4:3 p.m.14 views

CVE-2026-35661

CVE-2026-35661 affects OpenClaw prior to 2026.3.25. Affected component: Telegram callback query handling allows an authorization bypass that enables remote attackers to mutate session state without satisfying normal DM pairing. Attack requires no user interaction and network access (low complexit...

6.9CVSS5.8AI score0.00285EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/10 4:3 p.m.5 views

CVE-2026-35661 OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypas...

6.9CVSS6AI score0.00285EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/10 4:3 p.m.29 views

CVE-2026-35647 OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices

OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message...

6.9CVSS0.00285EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/10 4:3 p.m.2 views

CVE-2026-35647 OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices

OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message...

6.9CVSS5.8AI score0.00285EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/10 12:30 a.m.4 views

EUVD-2026-21126

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access...

6.3CVSS6AI score0.00245EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/10 12:30 a.m.7 views

EUVD-2026-21112

OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-authentication computation by sending crafted DM messages, enabling denial of service through...

6.9CVSS5.9AI score0.00454EPSS
Exploits0References5
OSV
OSV
added 2026/04/10 12:30 a.m.5 views

GHSA-G8MC-C5F2-MQG7 Duplicate Advisory: OpenClaw Bypasses DM Policy Separation via Synology Chat Webhook Path Collision

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rqp8-q22p-5j9q This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that...

6.3CVSS5.8AI score0.00245EPSS
Exploits0References5
OSV
OSV
added 2026/04/10 12:30 a.m.4 views

GHSA-2J53-2C28-G9V2 Duplicate Advisory: OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-65h8-27jh-q8wv. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before...

6.9CVSS5.7AI score0.00454EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.7 views

Duplicate Advisory: OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vfg3-pqpq-93m4. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cit...

7.3CVSS5.7AI score0.00247EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.7 views

Duplicate Advisory: OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-65h8-27jh-q8wv. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before...

8.2CVSS5.7AI score0.00454EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.9 views

PT-2026-31972

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypas...

6.9CVSS5.8AI score0.00285EPSS
Exploits0References4
NVD
NVD
added 2026/04/09 10:16 p.m.11 views

CVE-2026-35627

OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-authentication computation by sending crafted DM messages, enabling denial of service through...

8.2CVSS0.00454EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 9:27 p.m.21 views

CVE-2026-35637 OpenClaw < 2026.3.22 - Premature Cite Expansion Before Authorization in Channel and DM

OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cite work and content handling prior to final auth decisions. Attackers can exploit this timing vulnerability to access or manipulate content before proper authorization validation...

7.3CVSS0.00247EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/09 9:27 p.m.3 views

CVE-2026-35635 OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access...

6.3CVSS5.8AI score0.00245EPSS
Exploits0References4
Rows per page
Query Builder