CVE-2026-32923 in OpenClaw
Сводка (Английский)
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction ingestion that fails to enforce member users and roles allowlist checks. Non-allowlisted guild members can trigger reaction events accepted as trusted system events, injecting reaction text into downstream session context.
Ответственный
VulnCheck
Резервировать
16.03.2026
Раскрытие
29.03.2026
Записи
| Опубликовано | База | Темп | Уязвимость | CWE | Прод | Экс | Кон | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 29.03.2026 | 5.9 | 5.7 | OpenClaw эскалация привилегий | 863 | Artificial Intelligence Software | Не определено | Официальное исправление | 0.00000 | 2.51+ | CVE-2026-32923 |