CVE-2026-32924 in OpenClawinformación

Resumen (Inglés)

OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are misclassified as p2p conversations instead of group chats. Attackers can exploit this misclassification to bypass groupAllowFrom and requireMention protections in group chat reaction-derived events.

Responsable

VulnCheck

Reservar

2026-03-16

Divulgación

2026-03-29

Voces

Fecha de publicación	Base	Temp	Vulnerabilidad	CWE	Prod	Exp	Con	EPSS	CTI	CVE
2026-03-29	8.5	8.4	OpenClaw escalada de privilegios	863	Artificial Intelligence Software	No está definido	Arreglo oficial	0.00000	3.13	CVE-2026-32924

Mostrar más

Descripción
Cambios
Inteligencia de amenazas
API/JSON

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you know our Splunk app?

Download it now for free!