CVE-2026-28461 in OpenClawالمعلومات

الملخص

بحسب MITRE • 19/03/2026

OpenClaw versions prior to 2026.3.1 contain an unbounded memory growth vulnerability in the Zalo webhook endpoint that allows unauthenticated attackers to trigger in-memory key accumulation by varying query strings. Remote attackers can exploit this by sending repeated requests with different query parameters to cause memory pressure, process instability, or out-of-memory conditions that degrade service availability.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

27/02/2026

إفشاء

19/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-351650

CPE

جاهز

CWE

CWE-770 (مؤكد)

CVSS

7.5 (CNA)

EPSS

0.00106

KEV

لا

النشاطات

منخفض جدًا

القطاع

Pharma, Finance, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-28461
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-28461
CVE Details	https://www.cvedetails.com/cve/CVE-2026-28461/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!