CVE-2026-32923 in OpenClaw
Summary (English)
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction ingestion that fails to enforce member users and roles allowlist checks. Non-allowlisted guild members can trigger reaction events accepted as trusted system events, injecting reaction text into downstream session context.
Responsible
VulnCheck
Reserved
2026. 03. 16.
Disclosed
2026. 03. 29.
Entries
| Published | Base | Temp | Vulnerability | CWE | Product | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026. 03. 29. | 5.9 | 5.7 | OpenClaw privilege escalation | 863 | Artificial Intelligence Software | Not defined | Official fix | 0.00000 | 2.51- | CVE-2026-32923 |