CVE-2026-35654

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback recording or...

CVE-2026-35654

OpenClaw before 2026.3.25 has an authorization bypass in Microsoft Teams feedback invoke endpoints that lets an unauthorized sender trigger recording of session feedback or reflection. Attackers can bypass sender allowlists, enabling unauthorized access to feedback-related actions. The cited CVE ...

EUVD-2026-21454

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback recording or...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.25 contained security vulnerabilities. These vulnerabilities were caused by authorization bypasses in calls made through Microsoft Teams, which could allow unauthorized senders ...