
OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaus…

Published:

27 April 2026 at 22:00:00

Alert date:

28 April 2026 at 20:08:59

Source:

nvd.nist.gov


Web Technologies, Enterprise Applications

OpenClaw versions before 2026.3.31 parse MS Teams webhook request bodies before JWT validation is performed. Because parsing happens ahead of the authentication check, that check is effectively bypassed for the parsing step: unauthenticated remote attackers can send malicious Teams webhook payloads that exhaust server resources, causing denial of service without valid credentials. The issue has been addressed in version 2026.3.31 and later.
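
The ordering problem described above, as an added JavaScript example (not OpenClaw's code): `parseThenAuth` reads and parses the body before checking the token, while `authThenParse` checks the header first and then reads the body under a size cap. The request shape, `verifyJwt`, `demoVerify`, `MAX_BODY_BYTES` and the use of the `Authorization` header are assumptions made for the illustration.

```javascript
// Added illustration, not OpenClaw source. The request shape, verifyJwt callback
// and size cap are assumptions; the token is assumed to arrive in Authorization.
const MAX_BODY_BYTES = 64 * 1024; // assumed cap for a webhook payload

// Constructed stand-in for real signature/issuer/audience validation.
const demoVerify = (header) => header === "Bearer valid-demo-token";

// Read the body stream, stopping as soon as the cap is exceeded.
async function readBody(req, limit) {
  const chunks = [];
  for await (const chunk of req.body) {
    req.bytesRead += chunk.length; // instrumentation for the demo only
    if (req.bytesRead > limit) throw new Error("payload too large");
    chunks.push(chunk);
  }
  return Buffer.concat(chunks).toString("utf8");
}

// Ordering from the advisory: body read and parsed (no cap here, an
// assumption for the demo), and only then the auth check.
async function parseThenAuth(req, verifyJwt) {
  const payload = JSON.parse(await readBody(req, Infinity));
  if (!verifyJwt(req.headers.authorization)) return { status: 401 };
  return { status: 200, payload };
}

// Corrected ordering: header check first, then a bounded read, then parse.
async function authThenParse(req, verifyJwt) {
  if (!verifyJwt(req.headers.authorization)) return { status: 401 };
  let text;
  try { text = await readBody(req, MAX_BODY_BYTES); } catch { return { status: 413 }; }
  try { return { status: 200, payload: JSON.parse(text) }; } catch { return { status: 400 }; }
}

// Constructed request: headers plus a lazy body delivered in 16 KiB chunks.
function makeRequest(authorization, bodyText) {
  const buf = Buffer.from(bodyText);
  function* chunks() {
    for (let i = 0; i < buf.length; i += 16384) yield buf.subarray(i, i + 16384);
  }
  return { headers: { authorization }, bytesRead: 0, body: chunks() };
}
```

Both handlers answer an unauthenticated request with 401, but only the second does so without reading any of the body; `bytesRead` on the request object shows the difference.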

Affected products:

OpenClaw


This article was created with the assistance of AI technology by Perceptive.
