EUVD-2026-13954
GHSA-3r78-rqg8-95gg
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Lifecycle Timeline
5Description
OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events to trigger duplicate or stale call-state transitions, potentially causing incorrect call handling and state corruption.
Analysis
OpenClaw versions prior to 2026.2.23 contain a webhook event deduplication bypass vulnerability where normalized Twilio event IDs are randomized on each parse, allowing attackers to replay webhook events and circumvent the manager's deduplication checks. An unauthenticated remote attacker can exploit this over the network to trigger duplicate or stale call-state transitions, potentially causing incorrect call handling and state corruption. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today