Description
OpenClaw is a personal AI assistant. Versions 2026.2.13 and below allow the optional @openclaw/voice-call plugin Telnyx webhook handler to accept unsigned inbound webhook requests when telnyx.publicKey is not configured, enabling unauthenticated callers to forge Telnyx events. Telnyx webhooks are expected to be authenticated via Ed25519 signature verification. In affected versions, TelnyxProvider.verifyWebhook() could effectively fail open when no Telnyx public key was configured, allowing arbitrary HTTP POST requests to the voice-call webhook endpoint to be treated as legitimate Telnyx events. This only impacts deployments where the Voice Call plugin is installed, enabled, and the webhook endpoint is reachable from the attacker (for example, publicly exposed via a tunnel/proxy). The issue has been fixed in version 2026.2.14.
Published: 2026-02-19
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthenticated webhook requests leading to forged Telnyx events
Action: Immediate Patch
AI Analysis

Impact

OpenClaw versions up to and including 2026.2.13 expose the Telnyx webhook handler in the optional @openclaw/voice-call plugin to unsigned inbound requests when the telnyx.publicKey setting is not configured. In that state the verification routine, TelnyxProvider.verifyWebhook(), fails open: instead of rejecting requests it cannot verify, it skips Ed25519 signature validation entirely, so an attacker can send arbitrary HTTP POST traffic to the voice-call endpoint and have it processed as a legitimate Telnyx event. This is a missing-authentication flaw, classified as CWE-306.

Affected Systems

The vulnerability is present in the OpenClaw product, specifically versions 2026.2.13 and earlier. The affected path requires that the Voice Call plugin is installed and enabled, and that the webhook endpoint is reachable from the attacker's network. The fix was released in version 2026.2.14.

Risk and Exploitability

With a CVSS score of 7.5, the issue is rated high severity; the vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) describes an unauthenticated network attack with high integrity impact and no confidentiality or availability impact. The EPSS score is below 1%, indicating a low current probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. An attacker needs network access to the webhook endpoint, typically via a publicly exposed URL or tunnel, to exploit the flaw. The exploit path is straightforward: an HTTP POST directed at the endpoint is accepted and processed as a legitimate Telnyx event whenever the public key is absent.

Generated by OpenCVE AI on April 17, 2026 at 17:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.14 or later.
  • If an upgrade cannot be performed immediately, configure a valid telnyx.publicKey in the OpenClaw settings so that signature verification will execute.
  • As a temporary measure, disable the voice-call plugin or restrict external access to the webhook endpoint until the patch is applied.

Advisories
  Source: GitHub GHSA
  ID: GHSA-4hg8-92x6-h2f3
  Title: OpenClaw is Missing Webhook Authentication in Telnyx Provider Allows Unauthenticated Requests
History

Fri, 20 Feb 2026 19:15:00 +0000
  CPEs added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

Fri, 20 Feb 2026 17:15:00 +0000
  Metrics added (ssvc): {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Feb 2026 10:15:00 +0000
  First time appeared: Openclaw (vendor), Openclaw openclaw (product)
  Vendors & Products added: Openclaw, Openclaw openclaw

Thu, 19 Feb 2026 22:30:00 +0000
  Description added: same text as the Description at the top of this page
  Title added: OpenClaw has Missing Webhook Authentication in Telnyx Provider Allowing Unauthenticated Requests
  Weaknesses added: CWE-306
  References added: none listed
  Metrics added (cvssV3_1): {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}


MITRE
  Status: PUBLISHED
  Assigner: GitHub_M
  Published:
  Updated: 2026-02-20T15:41:27.084Z
  Reserved: 2026-02-13T16:27:51.807Z
  Link: CVE-2026-26319

Vulnrichment
  Updated: 2026-02-20T15:32:07.463Z

NVD
  Status: Analyzed
  Published: 2026-02-19T23:16:24.857
  Modified: 2026-02-20T19:03:02.103
  Link: CVE-2026-26319

Redhat
  No data.

OpenCVE Enrichment
  Updated: 2026-04-17T18:00:12Z

Weaknesses