3 matches found
CVE-2026-32012
...
CVE-2026-32012
OpenClaw prior to 2026.2.25 is affected by CVE-2026-32012 due to a missing durable replay state for Nextcloud Talk webhook events. This allows an attacker to capture and replay valid signed webhook requests, potentially triggering duplicate inbound processing and causing integrity or availability...
CVE-2026-28449
OpenClaw versions prior to 2026.2.25 are affected by a missing durable replay suppression for Nextcloud Talk webhook events. This allows valid signed webhook requests to be replayed, triggering duplicate inbound message processing and potentially impacting integrity and availability. The vulnerab...