What is the CVSS score of EUVD-2026-13970?

EUVD-2026-13970 has a CVSS 3.1 base score of 5.4 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N. EPSS exploitation probability: 0.0%.

Which versions of Openclaw are affected by EUVD-2026-13970?

CVE-2026-32895 presents moderate security risk, a incorrect authorization vulnerability rated CVSS 5.4. Attackers could gain access beyond their authorized level.. A patch is available.

Is there a public PoC exploit available for EUVD-2026-13970?

Yes, a public proof-of-concept exploit is available for EUVD-2026-13970. Prioritise patching immediately. EPSS: 0.0%.

Openclaw EUVD-2026-13970

| CVE-2026-32895 MEDIUM

Incorrect Authorization (CWE-863)

2026-03-21 VulnCheck

GHSA-xgwg-m42c-8q62

Authentication Bypass Openclaw

5.4

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

5.4 MEDIUM

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Lifecycle Timeline

PoC Detected

Mar 23, 2026 - 19:47 vuln.today

Public exploit code

EUVD ID Assigned

Mar 21, 2026 - 01:00 euvd

EUVD-2026-13970

Analysis Generated

Mar 21, 2026 - 01:00 vuln.today

Patch released

Mar 21, 2026 - 01:00 nvd

Patch available

CVE Published

Mar 21, 2026 - 00:42 nvd

MEDIUM 5.4

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

2 npm packages depend on openclaw (2 direct, 0 indirect)

Ecosystem-wide dependent count for version 2026.2.26.

DescriptionCVE.org

OpenClaw versions prior to 2026.2.26 fail to enforce sender authorization in member and message subtype system event handlers, allowing unauthorized events to be enqueued. Attackers can bypass Slack DM allowlists and per-channel user allowlists by sending system events from non-allowlisted senders through message_changed, message_deleted, and thread_broadcast events.

AnalysisAI

OpenClaw versions prior to 2026.2.26 contain an authentication bypass vulnerability in their Slack system event handlers that fails to properly enforce sender authorization checks. Attackers with low-privilege access (PR:L in CVSS vector) can craft and send unauthorized system events through message_changed, message_deleted, and thread_broadcast event types to bypass Slack DM allowlists and per-channel user allowlists. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	The CVSS 3.1 score of 5.4 reflects a moderate severity profile: the attack vector is network-accessible (AV:N) and requires only low privileges (PR:L) with low attack complexity (AC:L), but impact is limited to confidentiality and integrity (C:L/I:L) with no availability impact (A:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker with a low-privilege account in a Slack workspace integrated with vulnerable OpenClaw can craft a malicious message_changed system event that impersonates a sender from an allowlisted user or channel. By sending this event directly to OpenClaw's event handler (via API or event injection), the attacker bypasses the per-channel user allowlist that would normally prevent messages from their account, allowing them to trigger downstream automation or access restricted information. …
Remediation	Upgrade OpenClaw to version 2026.2.26 or later as detailed in the vendor security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-v8cg-4474-49v8. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-53836 HIGH This Week

8.7 Jun 12

Remote code execution in OpenClaw before 2026.5.12 allows authenticated operators to bypass the PowerShell execution all

CVE-2026-53822 HIGH This Week

8.7 Jun 12

Command injection in OpenClaw before 2026.5.18 allows authenticated attackers to modify shell wrapper argv between appro

CVE-2026-53819 HIGH This Week

8.7 Jun 11

Arbitrary code execution in OpenClaw before 2026.5.27 lets attackers hijack the Homebrew executable resolved during skil

CVE-2026-53817 HIGH This Week

8.7 Jun 11

Authentication bypass in OpenClaw before 2026.5.22 allows authenticated network attackers to spoof locality information

CVE-2026-53821 HIGH This Week

8.7 Jun 12

Privilege escalation in OpenClaw before 2026.5.18 allows WebSocket-connected Control UI clients to claim operator.admin

EUVD-2026-13970 vulnerability details – vuln.today

Back

Openclaw EUVD-2026-13970

Severity by source

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Vulnerability AssessmentAI

Recommended ActionAI

More from same product – last 7 days

Share

External POC / Exploit Code