Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Blast Radius
ecosystem impact- 1 npm packages depend on openclaw (1 direct, 0 indirect)
Ecosystem-wide dependent count for version 2026.3.12.
DescriptionCVE.org
OpenClaw before 2026.3.12 contains an authentication bypass vulnerability in Feishu webhook mode when only verificationToken is configured without encryptKey, allowing acceptance of forged events. Unauthenticated network attackers can inject forged Feishu events and trigger downstream tool execution by reaching the webhook endpoint.
AnalysisAI
Authentication bypass in OpenClaw's Feishu webhook integration (pre-2026.3.12) allows unauthenticated remote attackers to inject forged events and trigger arbitrary downstream tool execution. The vulnerability occurs when administrators configure only verificationToken without encryptKey, enabling attackers to craft malicious webhook payloads that bypass validation. No public exploit identified at time of analysis, though CVSS 8.8 reflects network accessibility (AV:N), zero complexity (AC:L), and no privileges required (PR:N).
Technical ContextAI
OpenClaw implements webhook integration with Feishu (ByteDance's enterprise collaboration platform) using two-tier security: verificationToken for basic request validation and encryptKey for cryptographic payload verification. The vulnerability stems from CWE-347 (Improper Verification of Cryptographic Signature), where the application accepts events authenticated only by verificationToken-a shared secret transmitted in cleartext-without enforcing encryptKey-based HMAC or digital signature verification. When encryptKey is omitted from configuration, attackers can forge valid-appearing webhook requests by simply including the verificationToken, which may be leaked through network traffic inspection, configuration exposures, or social engineering. The affected CPE (cpe:2.3:a:openclaw:openclaw) indicates this is a product-wide architecture flaw rather than version-specific regression.
RemediationAI
Upgrade to OpenClaw version 2026.3.12 or later, which enforces mandatory encryptKey validation for Feishu webhook requests. The patched version rejects webhook events lacking cryptographic signature verification, closing the authentication bypass vector. For environments unable to immediately upgrade, implement compensating controls: configure encryptKey parameter in webhook settings to enable HMAC-based payload authentication, restrict network access to webhook endpoints using firewall rules or reverse proxy ACLs permitting only Feishu server IP ranges, and enable request logging to detect anomalous webhook traffic patterns. Verify remediation by attempting webhook delivery with valid verificationToken but invalid or missing encryptKey-the application should reject the request post-patch. Consult vendor security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-g353-mgv3-8pcj for configuration migration guidance and backward compatibility considerations when enabling encryptKey on existing deployments.
More in Jwt Attack
View allWhy is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update
Authentication bypass in SimpleHelp 5.5.15 and prior (plus 6.0 pre-release builds) allows remote unauthenticated attacke
Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS
The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. Rated criti
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.27
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work
The Ruby SAML library is for implementing the client side of a SAML authorization. Rated critical severity (CVSS 9.8), t
cosign is a container signing and verification utility. Rated critical severity (CVSS 9.8), this vulnerability is remote
Biscuit is an authentication and authorization token for microservices architectures. Rated critical severity (CVSS 9.8)
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17013
GHSA-vjqw-w5jr-g9w5