CVE-2026-41402

Summary

OpenClaw before 2026.3.31 contains a scope bypass vulnerability in webhook replay cache deduplication that allows authenticated attackers to replay messages across sibling targets using the same messageId. Attackers can exploit overly broad cache keying to bypass replay protection and deliver duplicate webhook messages to unintended targets.

Affected Software

VendorProductVersion RangeStatus
OpenClawOpenClaw0 < 2026.3.31affected
OpenClawOpenClaw2026.3.31unaffected

Weaknesses

  • CWE-706: CWE-706: Use of Incorrectly-Resolved Name or Reference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References