CVE-2026-26319 | OpenClaw/Clawdbot/Moltbot up to 2026.2.13 Voice Call Plugin verifyWebhook missing authentication (GHSA-4hg8-92×6-h2f3)

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability identified as critical has been detected in OpenClaw, Clawdbot and Moltbot up to 2026.2.13. Impacted is the function verifyWebhook of the component Voice Call Plugin. Performing a manipulation results in missing authentication.

This vulnerability is known as CVE-2026-26319. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.

CVE-2026-26319 | OpenClaw/Clawdbot/Moltbot up to 2026.2.13 Voice Call Plugin verifyWebhook missing authentication (GHSA-4hg8-92×6-h2f3)

Post correlati

CVE-2024-47191 | oath-toolkit up to 2.6.11 pam_oath.so liboath/usersfile.c oath_authenticate_usersfile symlink (Nessus ID 208203)

CVE-2024-57095 | Go-CMS 1.1.10 sql injection

CVE-2025-14191 | UTT 进取 512W up to 1.7.7-171114 formP2PLimitConfig strcpy except buffer overflow

CVE-2025-2415 | Akinsoft MyRezzta up to 2.05.00 excessive authentication