CVE-2026-32053

MEDIUM

OpenClaw < 2026.2.23 - Twilio Webhook Replay Bypass via Randomized Event ID Normalization

Title source: cna

Description

OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication: normalized event IDs are randomized on every parse, so a replayed event never matches a previously seen ID and bypasses the manager's dedupe checks. An attacker who can replay Twilio webhook events can trigger duplicate or stale call-state transitions, potentially causing incorrect call handling and state corruption.

Scores

CVSS v3 6.5
EPSS 0.0002
EPSS Percentile 5.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Details

CWE
CWE-294
Status published
Products (4)
npm/openclaw 0 - 2026.2.23 (npm)
OpenClaw/OpenClaw < 2026.2.23
openclaw/openclaw < 2026.2.23
OpenClaw/OpenClaw 2026.2.23
Published Mar 21, 2026
Tracked Since Mar 21, 2026