Lucene search
K

Incorrect Authorization

๐Ÿ—“๏ธย 02 Apr 2026ย 21:00:44Reported byย Snyk Security DatabaseTypeย 
snyk
ย snyk
๐Ÿ”—ย security.snyk.io๐Ÿ‘ย 5ย Views

Incorrect Authorization in thread fetch bypasses sender allowlist, enabling unauthorized thread access; upgrade to 2026.3.31-beta.1.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-41376
28 Apr 202618:09
โ€“attackerkb
CNNVD
OpenClaw ่ฎฟ้—ฎๆŽงๅˆถ้”™่ฏฏๆผๆดž
28 Apr 202600:00
โ€“cnnvd
CVE
CVE-2026-41376
28 Apr 202618:09
โ€“cve
Cvelist
CVE-2026-41376 OpenClaw < 2026.3.31 - Matrix Thread Context Allowlist Bypass via Sender Validation
28 Apr 202618:09
โ€“cvelist
EUVD
EUVD-2026-26085
28 Apr 202618:09
โ€“euvd
Github Security Blog
OpenClaw: Matrix thread root and reply context bypass sender allowlist
2 Apr 202621:00
โ€“github
NVD
CVE-2026-41376
28 Apr 202619:37
โ€“nvd
OSV
GHSA-RG8M-3943-VM6Q OpenClaw: Matrix thread root and reply context bypass sender allowlist
2 Apr 202621:00
โ€“osv
Positive Technologies
PT-2026-35761
2 Apr 202600:00
โ€“ptsecurity
Snyk
Incorrect Authorization
2 Apr 202621:00
โ€“snyk
Rows per page
Vulners
Node
openclawopenclawRange<2026.3.31-beta.1

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

02 May 2026 01:24Current
5.9Medium risk
Vulners AI Score5.9
CVSS 42.3
CVSS 3.15.4 - 6.5
EPSS0.00157
SSVC
5