Lucene search
K

6 matches found

NVD
NVD
added 2026/04/28 7:37 p.m.5 views

CVE-2026-41374

OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume resources. Remote attackers can trigger audio preflight processing without member allowlist validation to cause resource exhaustion...

6.9CVSS0.00474EPSS
Exploits0References3
CVE
CVE
added 2026/04/20 11:8 p.m.14 views

CVE-2026-41331

OpenClaw is affected in versions before 2026.3.31. The vulnerability is a resource consumption issue in Telegram audio preflight transcription that can be triggered by unauthorized group senders, due to insufficient allowlist enforcement before authorization checks. The impact is resource or bill...

6.9CVSS5.8AI score0.00297EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/20 11:8 p.m.4 views

EUVD-2026-24020

OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows unauthorized group senders to trigger transcription processing. Attackers can exploit insufficient allowlist enforcement to cause resource or billing consumption by...

6.9CVSS5.8AI score0.00297EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/03 3:15 a.m.11 views

OpenClaw: Telegram audio preflight transcription enables resource consumption by unauthorized senders

Summary Telegram audio preflight transcription enables resource consumption by unauthorized senders Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: v2026.3.28 still lets unauthorized Telegram group senders trigger audio preflight before allowlist enforcement...

6.9CVSS5.8AI score0.00297EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/04/03 2:56 a.m.5 views

GHSA-HHFF-FJ5F-QG48 OpenClaw runs Discord audio preflight transcription before member authorization

Summary Discord audio preflight transcription before member authorization Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: v2026.3.28 still runs Discord audio preflight before member allowlist rejection, but this is the same pre-auth resource-consumption clas...

6.9CVSS5.9AI score0.00474EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/03 2:56 a.m.10 views

OpenClaw runs Discord audio preflight transcription before member authorization

Summary Discord audio preflight transcription before member authorization Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: v2026.3.28 still runs Discord audio preflight before member allowlist rejection, but this is the same pre-auth resource-consumption clas...

6.9CVSS5.9AI score0.00474EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder