GHSA-7vwx-582j-j332
Suggest an improvement- Source
- https://github.com/advisories/GHSA-7vwx-582j-j332
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-7vwx-582j-j332/GHSA-7vwx-582j-j332.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-7vwx-582j-j332
- Aliases
- Published
- 2026-02-17T21:38:14Z
- Modified
- 2026-03-06T01:17:23.703704Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N CVSS Calculator
- 5.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- OpenClaw MS Teams inbound attachment downloader leaks bearer tokens to allowlisted suffix domains
- Details
-
Summary
NOTE: This only affects deployments that enable the optional MS Teams extension (Teams channel). If you do not use MS Teams, you are not impacted.
When OpenClaw downloads inbound MS Teams attachments / inline images, it may retry a URL with an
Authorization: Bearer <token>header after receiving401or403.Because the default download allowlist uses suffix matching (and includes some multi-tenant suffix domains), a message that references an untrusted but allowlisted host could cause that bearer token to be sent to the wrong place.
Affected Packages / Versions
- Package:
openclaw(npm) - Vulnerable:
<= 2026.1.30 - Patched:
>= 2026.2.1
Fix
- Fix commit:
41cc5bcd4f1d434ad1bbdfa55b56f25025ecbf6b - Upgrade to
openclaw >= 2026.2.1
Workarounds
- If you do not need MS Teams, disable the MS Teams extension.
- If you must stay on an older version, ensure the auth host allowlist is strict (only Microsoft-owned endpoints that require auth) and avoid wildcard or broad suffix entries.
Credits
Thanks @yueyueL for reporting.
- Package:
- Database specific
{ "github_reviewed": true, "github_reviewed_at": "2026-02-17T21:38:14Z", "cwe_ids": [ "CWE-201" ], "severity": "MODERATE", "nvd_published_at": "2026-03-05T22:16:22Z" }- References
-
- https://github.com/openclaw/openclaw/security/advisories/GHSA-7vwx-582j-j332
- https://nvd.nist.gov/vuln/detail/CVE-2026-28481
- https://github.com/openclaw/openclaw/commit/41cc5bcd4f1d434ad1bbdfa55b56f25025ecbf6b
- https://github.com/openclaw/openclaw
- https://github.com/openclaw/openclaw/releases/tag/v2026.2.1
- https://www.vulncheck.com/advisories/openclaw-bearer-token-leakage-via-ms-teams-attachment-downloader-suffix-matching
Affected packages
npm / openclaw
Package
- Name
- openclaw
- View open source insights on deps.dev
- Purl
- pkg:npm/openclaw