CVE-2026-31991 in OpenClawИнформация

Сводка

по MITRE • 19.03.2026

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks and gain unauthorized group access.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

10.03.2026

Раскрытие

19.03.2026

Модерация

принято

Вход

VDB-351660

CPE

готов

CWE

CWE-863 (Подтверждённый)

CVSS

4.6 (NVD)

EPSS

0.00044

KEV

Нет

Деятельности

Очень низкий

Сектор

Hospital, Transportation, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-31991
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-31991
CVE Details	https://www.cvedetails.com/cve/CVE-2026-31991/

◂ Предыдущий Обзор Далее ▸

Might our Artificial Intelligence support you?

Check our Alexa App!