Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AC:H reflects the AT:P attack requirement (allowFrom must be configured); PR:L for required authenticated lower-trust session; no availability or scope impact.
Primary rating from Vendor (VulnCheck).
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
OpenClaw MS Teams before 2026.5.12 contain an authorization bypass vulnerability where the allowFrom feature binds to mutable display names. Attackers with lower-trust access can perform actions requiring stronger authorization by exploiting the mutable display name binding in the affected feature.
AnalysisAI
Authorization bypass in OpenClaw MS Teams before 2026.5.12 allows authenticated lower-privileged users to escalate their effective permissions by spoofing display names that the allowFrom access-control feature trusts as immutable identifiers. The root flaw (CWE-290) is that the authorization decision is anchored to a mutable attribute - the display name - rather than a stable, non-spoofable identity token. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires three concurrent conditions: (1) the `allowFrom` feature must be actively configured with at least one display-name-based rule; (2) the attacker must already hold an authenticated lower-trust session within the Teams environment (PR:L - unauthenticated attackers cannot exploit this); (3) the attacker must be able to modify their own display name to match a trusted entry, which is standard in default Teams tenant configurations but can be restricted via Azure AD tenant policy. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 2.3 (AV:N/AC:L/AT:P/PR:L/UI:N) appropriately reflects the constrained real-world impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated user with a lower-trust role within an organization's OpenClaw MS Teams deployment renames their Teams display name to match the display name of a higher-privileged account or team that appears on an `allowFrom` allow-list. When the OpenClaw integration checks authorization, it matches on the spoofed display name and grants the attacker the elevated permissions associated with that entry, allowing them to invoke actions they would otherwise be denied. … |
| Remediation | Upgrade OpenClaw MS Teams to version 2026.5.12 or later, which is the vendor-released patch per the GitHub Security Advisory GHSA-7w4v-g4m6-j88v. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Bot token and credential exposure in OpenClaw Bot Framework (versions before 2026.5.28) enables low-privilege authentica
Token leakage in OpenClaw's MS Teams integration (versions before 2026.5.27) allows lower-trust authenticated callers to
Same weakness CWE-290 – Authentication Bypass by Spoofing
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-45112
GHSA-fjfc-7x5g-g52w