CVE-2026-34508
OpenClaw is affected by a pre-authentication rate-limiting bypass in versions before 2026.3.12. The vulnerability causes rate limits to kick in only after webhook authentication, enabling attackers to brute-force webhook secrets without triggering 429 responses. As a result, attackers can repeate...