Jwt Attack
CVE-2026-41301
MEDIUM
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Blast Radius
ecosystem impact- 5 npm packages depend on openclaw (5 direct, 0 indirect)
Ecosystem-wide dependent count for version 2026.3.22.
DescriptionCVE.org
OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairing entries and trigger pairing-reply attempts, consuming shared pairing capacity and triggering bounded relay and logging work on the Nostr channel.
AnalysisAI
OpenClaw 2026.3.22 through 2026.3.30 contain a signature verification bypass in the Nostr direct message (DM) ingress handler that processes pairing challenges before validating event signatures. Remote unauthenticated attackers can send forged DMs to create bogus pending pairing entries, exhaust shared pairing capacity, and trigger unbounded relay and logging work on the Nostr channel, causing denial of service. No public exploit code or active exploitation has been confirmed; a vendor patch is available in version 2026.3.31 and later.
Technical ContextAI
OpenClaw implements a Nostr protocol integration for direct messaging and peer pairing. The vulnerability stems from a logic flaw in the DM ingress validation pipeline (CWE-347: Improper Verification of Cryptographic Signature) where pairing challenge state is created and consumed before the initiating event's signature is cryptographically verified against the Nostr public key. Nostr events use Ed25519 signatures; by bypassing this validation step, an attacker can forge events with arbitrary sender claims. The affected DM ingress path is used to establish peer pairing relationships, which allocate shared resources (pairing capacity slots, relay bandwidth, logging buffers). The affected versions are OpenClaw CPE approximately cpe:2.3:a:openclaw:openclaw:2026.3.*:*:*:*:*:*:*:* for versions 2026.3.22 through 2026.3.30.
RemediationAI
Upgrade OpenClaw to version 2026.3.31 or later immediately; this is the vendor-released patch that adds signature validation before pairing challenge state creation. For deployments unable to upgrade immediately, implement network-level mitigation by restricting Nostr DM ingress to trusted peer sources via firewall rules or relay access control lists (ACLs). Specifically, disable or restrict inbound Nostr events from untrusted networks to the DM ingress port/endpoint, reducing attack surface at the cost of limiting peer discovery and legitimate pairing from external sources. Monitor Nostr relay and logging resource consumption (pairing queue depth, event buffer memory) and implement alerting thresholds to detect capacity exhaustion attacks; this does not prevent the vulnerability but provides early warning. If pairing capacity exhaustion occurs, manually flush pending pairing entries via administrative tools and restart the affected relay service to recover capacity; document this procedure for incident response. Do not rely on rate-limiting alone, as the attacker controls the forged event sender identity and can distribute attacks across many spoofed identities. The vendor recommends patching as the definitive fix, with no known workarounds that preserve full pairing functionality.
More in Jwt Attack
View allWhy is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update
Authentication bypass in SimpleHelp 5.5.15 and prior (plus 6.0 pre-release builds) allows remote unauthenticated attacke
Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS
The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. Rated criti
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.27
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work
The Ruby SAML library is for implementing the client side of a SAML authorization. Rated critical severity (CVSS 9.8), t
cosign is a container signing and verification utility. Rated critical severity (CVSS 9.8), this vulnerability is remote
Biscuit is an authentication and authorization token for microservices architectures. Rated critical severity (CVSS 9.8)
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today