CVE-2026-41405

Summary

OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send malicious Teams webhook payloads to exhaust server resources by bypassing authentication checks.

Affected Software

VendorProductVersion RangeStatus
OpenClawOpenClaw0 < 2026.3.31affected
OpenClawOpenClaw2026.3.31unaffected

Weaknesses

  • CWE-408: CWE-408: Incorrect Behavior Order: Early Amplification

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References