CVE-2026-35670— OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-35670
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered replies to different users, bypassing the intended recipient binding recorded in webhook events.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
在安全决策中依赖未经信任的输入
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenClaw 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw 2026.3.22之前版本存在安全漏洞,该漏洞源于webhook回复传递存在漏洞,可能导致攻击者通过利用可变用户名匹配将聊天回复重新绑定到非预期用户。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-35670
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-35670
请登录查看更多情报信息。
Same Patch Batch · OpenClaw · 2026-04-10 · 29 CVEs total
| CVE-2026-35669 | 8.8 HIGH | OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope |
| CVE-2026-35666 | 8.8 HIGH | OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper |
| CVE-2026-35643 | 8.8 HIGH | OpenClaw < 2026.3.22 - Arbitrary Code Execution via Unvalidated WebView JavascriptInterfac |
| CVE-2026-35663 | 8.8 HIGH | OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim |
| CVE-2026-35660 | 8.1 HIGH | OpenClaw < 2026.3.23 - Insufficient Access Control in Gateway Agent Session Reset |
| CVE-2026-35653 | 8.1 HIGH | OpenClaw < 2026.3.24 - Incorrect Authorization in POST /reset-profile via browser.request |
| CVE-2026-35641 | 7.8 HIGH | OpenClaw < 2026.3.24 - Arbitrary Code Execution via .npmrc in Local Plugin/Hook Installati |
| CVE-2026-35668 | 7.7 HIGH | OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Par |
| CVE-2026-35650 | 7.5 HIGH | OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization |
| CVE-2026-35621 | 6.5 MEDIUM | OpenClaw < 2026.3.24 - Privilege Escalation via chat.send to Allowlist Persistence |
| CVE-2026-35649 | 6.5 MEDIUM | OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist |
| CVE-2026-35658 | 6.5 MEDIUM | OpenClaw < 2026.3.2 - Filesystem Boundary Bypass in Image Tool |
| CVE-2026-35657 | 6.5 MEDIUM | OpenClaw < 2026.3.25 - Authorization Bypass in HTTP Session History Route |
| CVE-2026-35656 | 6.5 MEDIUM | OpenClaw < 2026.3.22 - XFF Loopback Spoofing Bypass in Canvas Authentication and Rate Limi |
| CVE-2026-35652 | 6.5 MEDIUM | OpenClaw < 2026.3.22 - Unauthorized Action Execution via Callback Dispatch |
| CVE-2026-35667 | 6.1 MEDIUM | OpenClaw < 2026.3.24 - Improper Process Termination via Unpatched killProcessTree in shell |
| CVE-2026-35655 | 5.7 MEDIUM | OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution |
| CVE-2026-35620 | 5.4 MEDIUM | OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands |
| CVE-2026-35654 | 5.3 MEDIUM | OpenClaw < 2026.3.25 - Authorization Bypass in Microsoft Teams Feedback Invoke |
| CVE-2026-35661 | 5.3 MEDIUM | OpenClaw < 2026.3.25 - Telegram DM-Scoped Inline Button Callback Authorization Bypass |
Showing top 20 of 29 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: OpenClaw
- CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-44117
OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot - CVE-2026-44116
OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo P - CVE-2026-44115
OpenClaw < 2026.4.22 - Shell Expansion Bypass in Unquoted He - CVE-2026-44114
OpenClaw < 2026.4.20 - Environment Variable Namespace Collis
Same vendor: OpenClaw
- CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-44116
OpenClaw < 2026.4.22 - Server-Side Request Forgery in Zalo P - CVE-2026-44117
OpenClaw < 2026.4.20 - Server-Side Request Forgery in QQBot - CVE-2026-44115
OpenClaw < 2026.4.22 - Shell Expansion Bypass in Unquoted He - CVE-2026-44114
OpenClaw < 2026.4.20 - Environment Variable Namespace Collis
Same weakness: CWE-807
- CVE-2026-6213
Remote Spark SparkView RCE - CVE-2026-39807
Client-supplied URI scheme trusted without transport verific - CVE-2026-41403
OpenClaw < 2026.3.31 - Access Control Bypass via Proxied Rem - CVE-2026-41390
OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistere - CVE-2026-41380
OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wra
V. Comments for CVE-2026-35670
No comments yet