CVE-2026-41406
Severity: MEDIUM
OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Thread History and Quoted Messages
Title source: cna
Description
OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability that allows remote attackers to access restricted messages. The quoted, root, and thread-context messages that OpenClaw fetches as conversation history can be used by an attacker to bypass the sender allowlist restrictions and retrieve content they are not authorized to see.
References (3)
Vendor Advisory: GitHub Security Advisory (GHSA-877v-w3f5-3pcq)
https://github.com/openclaw/openclaw/security/advisories/GHSA-877v-w3f5-3pcq
Patch: Patch Commit
https://github.com/openclaw/openclaw/commit/f45e5a6569aab1d58cc6de25b19f1dc4c8779b85
Third Party Advisory: VulnCheck Advisory: OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Thread History and Quoted Messages
https://www.vulncheck.com/advisories/openclaw-sender-allowlist-bypass-via-thread-history-and-quoted-messages
Scores
CVSS v3: 5.4
EPSS: 0.0022
EPSS Percentile: 13.0%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-639
Status: published
Products (4)
npm/openclaw: 0 - 2026.3.31 (npm)
OpenClaw/OpenClaw: < 2026.3.31
openclaw/openclaw: < 2026.3.31
OpenClaw/OpenClaw: 2026.3.31
Published: Apr 28, 2026
Tracked Since: Apr 29, 2026