CVE-2026-31991 in OpenClawالمعلومات

الملخص

بحسب MITRE • 19/03/2026

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks and gain unauthorized group access.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

10/03/2026

إفشاء

19/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-351660

CPE

جاهز

CWE

CWE-863 (مؤكد)

CVSS

4.6 (NVD)

EPSS

0.00044

KEV

لا

النشاطات

منخفض جدًا

القطاع

Finance, Lawfirm, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-31991
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-31991
CVE Details	https://www.cvedetails.com/cve/CVE-2026-31991/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!