Description
OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages that should be filtered by sender allowlists, bypassing message filtering restrictions.
Published: 2026-04-27
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Bypass Sender Allowlist
Action: Patch
AI Analysis

Impact

The vulnerability allows an attacker to retrieve Microsoft Teams thread messages via the Graph API that should be blocked by sender allowlists, thereby bypassing the application’s intended message filtering controls. By exploiting this flaw, an attacker can access content that was meant to be denied, potentially exposing sensitive information that the allowlist was designed to protect.

Affected Systems

The flaw exists in the OpenClaw application before version 2026.3.31. Users running any version earlier than 2026.3.31 are affected, regardless of the operating system, as the product runs in Node.js environments.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate severity level, and the vulnerability is not listed in the CISA KEV catalog, suggesting no known widespread exploitation as of now. Because the attack requires access to the Graph API for a Teams thread, it is likely a remote scenario that depends on the attacker having sufficient Graph API permissions or a compromised account. With the EPSS score of < 1%, the probability of exploitation remains uncertain, but the potential impact of bypassing sender allowlists warrants prompt remediation.

Generated by OpenCVE AI on April 29, 2026 at 01:34 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the OpenClaw update to version 2026.3.31 or later to remove the sender allowlist bypass.
  • Restrict the Teams integration to only the minimum Graph API scopes required, preventing access to historical thread data.
  • Add server‑side validation that checks each message’s sender against the configured allowlist before processing or delivering the content.

Generated by OpenCVE AI on April 29, 2026 at 01:34 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages that should be filtered by sender allowlists, bypassing message filtering restrictions.
Title OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Graph API Thread History
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-441
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-28T13:55:22.919Z

Reserved: 2026-04-20T14:09:02.629Z

Link: CVE-2026-41365

cve-icon Vulnrichment

Updated: 2026-04-28T13:55:08.089Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-28T00:16:25.563

Modified: 2026-04-28T18:41:30.363

Link: CVE-2026-41365

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-29T01:45:26Z

Weaknesses