4 matches found
EUVD-2026-36321
OpenClaw: Message read actions could skip channel allowlist checks...
CVE-2026-53815
OpenClaw before 2026.5.19 contains an authorization bypass vulnerability in message read actions that skips channel allowlist checks. Lower-trust callers can request messages from channels not intended for them by exploiting insufficient validation in the affected feature, potentially exposing...
CVE-2026-53815
OpenClaw is affected by an authorization bypass in the message read actions present before 2026.5.19. The root cause is insufficient validation that should enforce channel allowlists, allowing lower-trust callers to request messages from channels not intended for them and exposing potentially sen...
PT-2026-48745
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.19 Description An authorization bypass exists in message read actions due to insufficient validation, which allows the system to skip channel allowlist checks. This enables lower-trust callers to request and...