PT-2026-33868

OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairi...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the ability to bypass the DM permission list matching in the Matrix plugin, allowing remote Matrix users to impersonate...