Ghostwire

CVE-2026-35661: OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows...

MEDIUM CVSS 5.5 EPSS 0.04%

Published: April 10, 2026 | Last Modified: April 10, 2026

Description

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypass DM pairing and modify session state.

Ghostwire Analysis — What This Means Practically

Exploitation Probability (EPSS): Low — 0.04% (12th percentile)

Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.

Medium CVSS score indicates moderate risk — exploitation requires specific conditions or results in limited impact.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

CVE-2026-35661: OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows...

Description

Ghostwire Analysis — What This Means Practically

Security Coverage (1 articles)

References