#VU125225 Improper Restriction of Excessive Authentication Attempts in OpenClaw - CVE-2026-33580

Published: April 8, 2026

Vulnerability identifier: #VU125225
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-33580
CWE-ID: CWE-307
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenClaw
Software vendor: OpenClaw

Description

The vulnerability allows a remote attacker to forge inbound webhook events.

The vulnerability exists due to improper restriction of excessive authentication attempts in extensions/nextcloud-talk/src/monitor.ts when handling webhook signature authentication. A remote attacker can brute-force a weak shared secret online to forge inbound webhook events.

The issue is exposed to an attacker who can reach the webhook endpoint.
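The weakness class above (CWE-307) is a missing limit on how many failed signature checks a single source may make against a webhook endpoint. The following TypeScript is an added illustration of the defensive pattern, not OpenClaw's code and not a description of the fix the vendor shipped: an HMAC-SHA256 webhook verifier that compares signatures in constant time, refuses a shared secret too short to resist online guessing, and locks out a source after a configurable number of bad signatures. The class name, header format, thresholds and the "source" key (for example a client IP) are this example's own assumptions.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Assumed verdict set; the real OpenClaw handler's interface is not described on this page.
export type Verdict = "ok" | "bad-signature" | "locked-out";

interface Attempt {
  failures: number;    // bad signatures seen in the current window
  windowStart: number; // ms timestamp when the window opened
  lockedUntil: number; // ms timestamp until which the source is refused
}

export class WebhookVerifier {
  private readonly attempts = new Map<string, Attempt>();

  constructor(
    private readonly secret: string,
    private readonly maxFailures = 5,          // bad signatures allowed per window
    private readonly windowMs = 60_000,        // window in which failures are counted
    private readonly lockoutMs = 15 * 60_000,  // how long a source stays locked out
    private readonly now: () => number = Date.now, // injectable clock for tests
  ) {
    // A short secret is what makes online brute force feasible in the first place;
    // 32 bytes is this example's floor, not a value taken from the advisory.
    if (Buffer.byteLength(secret, "utf8") < 32) {
      throw new Error("webhook shared secret must be at least 32 bytes");
    }
  }

  // Expected signature for a raw request body: hex-encoded HMAC-SHA256.
  sign(rawBody: string | Buffer): string {
    return createHmac("sha256", this.secret).update(rawBody).digest("hex");
  }

  // Checks a presented signature; every failure counts against the source and
  // a locked-out source is refused without the HMAC even being evaluated.
  verify(source: string, rawBody: string | Buffer, presentedHex: string): Verdict {
    const t = this.now();
    const prior = this.attempts.get(source);
    if (prior && prior.lockedUntil > t) return "locked-out";

    const expected = Buffer.from(this.sign(rawBody), "hex");
    // Buffer.from() silently truncates invalid hex, so the length check below
    // also rejects malformed input without timingSafeEqual throwing.
    const presented = Buffer.from(presentedHex, "hex");
    const valid =
      presented.length === expected.length && timingSafeEqual(presented, expected);

    if (valid) {
      this.attempts.delete(source); // a good signature clears the counter
      return "ok";
    }
    this.recordFailure(source, t);
    return "bad-signature";
  }

  private recordFailure(source: string, t: number): void {
    let a = this.attempts.get(source);
    if (!a || t - a.windowStart > this.windowMs) {
      a = { failures: 0, windowStart: t, lockedUntil: 0 };
    }
    a.failures += 1;
    if (a.failures >= this.maxFailures) {
      a.lockedUntil = t + this.lockoutMs;
    }
    this.attempts.set(source, a);
  }
}

// Constructed walk-through: three wrong signatures from one source, then a
// correct one that is still refused because the source is locked out.
export function demo(): Verdict[] {
  let clock = 1_000_000;
  const verifier = new WebhookVerifier("x".repeat(40), 3, 60_000, 900_000, () => clock);
  const body = '{"event":"message","room":"constructed"}';
  const good = verifier.sign(body);
  const out: Verdict[] = [];
  out.push(verifier.verify("10.0.0.1", body, good));
  for (const wrong of ["00", "11", "22"]) {
    out.push(verifier.verify("10.0.0.1", body, wrong.repeat(32)));
  }
  out.push(verifier.verify("10.0.0.1", body, good)); // locked despite valid signature
  out.push(verifier.verify("10.0.0.2", body, good)); // other sources are unaffected
  clock += 900_001;                                   // lockout expires
  out.push(verifier.verify("10.0.0.1", body, good));
  return out;
}
```

The lockout key should be something the attacker cannot trivially vary (a source address behind your own proxy, or the webhook's registered sender id), and the failure counter should be persisted or shared if the endpoint runs on several instances, otherwise the limit is per-process and easily diluted. Logging each "bad-signature" and "locked-out" verdict with the source gives the detection signal for an online guessing campaign.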


Remediation

Install the security update from the vendor's website.

External links