CVE-2026-31991 in OpenClawthông tin

Tóm tắt

Bởi MITRE • 19/03/2026

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks and gain unauthorized group access.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

chịu trách nhiệm

VulnCheck

Đặt trước

10/03/2026

Tiết lộ

19/03/2026

Kiểm duyệt

được chấp nhận

mục

VDB-351660

CPE

sẵn sàng

CWE

CWE-863 (Đã xác nhận)

CVSS

4.6 (NVD)

EPSS

0.00044

KEV

không

Các hoạt động

rất thấp

ngành

Chemical, Energy, ...

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-31991
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-31991
CVE Details	https://www.cvedetails.com/cve/CVE-2026-31991/

◂ Trước Tổng Quan Tiếp theo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!