CVE-2026-33580 in OpenClawinformación

Resumen (Inglés)

OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication that allows attackers to brute-force weak shared secrets. Attackers who can reach the webhook endpoint can exploit this to forge inbound webhook events by repeatedly attempting authentication without throttling.

Responsable

VulnCheck

Reservar

2026-03-23

Divulgación

2026-03-31

Voces

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadCWEExpConCVE
354396OpenClaw Webhook divulgación de información307No está definidoArreglo oficialCVE-2026-33580

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

AnteriorVisión De ConjuntoPróximo

Want to know what is going to be exploited?

We predict KEV entries!