wid-sec-w-2026-0930 · Published 2026-03-30 · View on BSI CERT-Bund ↗

OpenClaw: Multiple Vulnerabilities

CVSS 9.4 CRITICAL

Risk Summary

OpenClaw before 2026.3.28 downloads and stores inbound media from Zalo channels before validating sender authorization. Unauthorized senders can force network fetches and disk writes to the media store by sending messages that are subsequently rejected. OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes including admin access by exploiting the missing scope validation in extensions/device-pair/index.ts and src/infra/device-pairing.ts. OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication that allows attackers to brute-force weak shared secrets. Attackers who can reach the webhook endpoint can exploit this to forge inbound webhook events by repeatedly attempting authentication without throttling.

CVEs (8)

CVE-2026-33576 CVE-2026-33577 CVE-2026-33578 CVE-2026-33579 CVE-2026-33580 CVE-2026-33581 CVE-2026-34503 CVE-2026-34504

Affected Vendors

Open Source

Affected Products (2)

Open Source · OpenClaw <2026.3.28

Open Source · OpenClaw 2026.3.28

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more