CVE-2026-32923 in OpenClawinformation

Résumé (Anglaise)

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction ingestion that fails to enforce member users and roles allowlist checks. Non-allowlisted guild members can trigger reaction events accepted as trusted system events, injecting reaction text into downstream session context.

Responsable

VulnCheck

Réserver

16/03/2026

Divulgation

29/03/2026

Entrées

PubliéBaseTempVulnérabilitéCWEProdExpConEPSSCTICVE
29/03/20265.95.7OpenClaw élévation de privilèges863Artificial Intelligence SoftwareNon définiCorrectif officiel0.000002.51+CVE-2026-32923

Montrer plus

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!