4 matches found
CVE-2026-62213
OpenClaw versions before 2026.5.27 contain a token leakage vulnerability in MS Teams outbound requests that allows lower-trust callers to expose Bot Framework tokens. Attackers can access configured input paths to retrieve credentials that should remain within the trusted boundary...
EUVD-2026-45101
OpenClaw versions before 2026.5.27 contain a token leakage vulnerability in MS Teams outbound requests that allows lower-trust callers to expose Bot Framework tokens. Attackers can access configured input paths to retrieve credentials that should remain within the trusted boundary...
CVE-2026-62213
OpenClaw versions prior to 2026.5.27 contain a token leakage vulnerability tied to MS Teams outbound requests. The issue allows lower-trust callers to access Bot Framework tokens by reaching configured input paths that should remain within the trusted boundary. Impact is exposure of credentials; ...
CVE-2026-49139
Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Microsoft Teams channel handler that allows remote attackers to exfiltrate Bot Framework bearer tokens by supplying a forged activity with an attacker-controlled serviceUrl value. Attackers can poison the...