Lucene search
+L

5 matches found

Cvelist
Cvelist
added 2026/04/09 9:26 p.m.22 views

CVE-2026-35622 OpenClaw < 2026.3.22 - Improper Authentication Verification in Google Chat Webhook

OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webhook handling that accepts add-on principals outside intended deployment bindings. Attackers can bypass webhook authentication by providing non-deployment add-on principals to execut...

6CVSS0.00293EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:26 p.m.1 views

CVE-2026-35622

OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webhook handling that accepts add-on principals outside intended deployment bindings. Attackers can bypass webhook authentication by providing non-deployment add-on principals to execut...

6CVSS6AI score0.00293EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/26 9:37 p.m.2 views

Incorrect Authorization

Overview @openclaw/nextcloud-talk is an OpenClaw Nextcloud Talk channel plugin Affected versions of this package are vulnerable to Incorrect Authorization in the auth process. An attacker can gain unauthorized access by sending requests with add-on principals that are not bound to the intended...

7.6CVSS5.9AI score0.00293EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/26 9:37 p.m.5 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the auth process. An attacker can gain unauthorized access by sending requests with add-on principals that are not bound to the intended deployment. Remediation...

7.6CVSS5.9AI score0.00293EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/26 9:37 p.m.11 views

OpenClaw: Google Chat app-url webhook auth accepted non-deployment add-on principals

Summary Google Chat app-url webhook verification accepted add-on principals outside the intended deployment binding. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2 630f1479c44f78484dfa21bb407cbe6f171dac87 - Latest published...

7.1CVSS5.8AI score0.00293EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder