CVE-2026-28454

OpenClaw · webhook mode

OpenClaw versions prior to 2026 contain a security vulnerability specifically related to the software's webhook mode.

Executive summary

A security flaw within the webhook mode of OpenClaw versions prior to 2026 poses a significant risk of unauthorized access or service disruption.

Vulnerability

This vulnerability affects the webhook processing functionality within OpenClaw. The specific technical mechanism and authentication requirements are currently unknown.

Business impact

The CVSS score of 7.5 indicates a High severity risk. Successful exploitation of the webhook mode could facilitate remote command execution or data injection, threatening the security posture of systems integrated via webhooks.

Remediation

Immediate Action: Verify the version of OpenClaw currently in use and apply the latest vendor-supplied security updates.

Proactive Monitoring: Monitor logs specifically for unusual webhook payloads or unexpected external requests hitting the application endpoints.

Compensating Controls: Restrict access to webhook endpoints using IP allowlisting or enhanced authentication tokens to limit the potential attack surface.
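The two compensating controls above (source-IP allowlisting and a stronger authentication token) and the monitoring step can be combined in one gate in front of any webhook receiver. The following is an added illustration written for this advisory, not OpenClaw's own code, and it makes no claim about how the affected webhook mode actually works, since the mechanism is not public. The header names (X-Webhook-Timestamp, X-Webhook-Signature), the shared secret, the allowlisted networks and the "event" field in the payload are all assumed placeholders; every rejection returns a distinct reason so it can be written to a log and alerted on.

```python
"""Defensive gate for an inbound webhook endpoint (added example; not OpenClaw code).

Demonstrates the advisory's compensating controls: a source-IP allowlist,
an HMAC-SHA256 token over timestamp+body (with a freshness window to limit
replay), payload size and shape checks, and a structured audit line.
"""
import hashlib
import hmac
import ipaddress
import json
import time

# Constructed placeholder values; replace them in a real deployment.
SHARED_SECRET = b"replace-with-a-long-random-secret"
ALLOWED_SOURCES = [
    ipaddress.ip_network("203.0.113.0/24"),  # RFC 5737 documentation range
    ipaddress.ip_network("2001:db8::/32"),   # RFC 3849 documentation range
]
MAX_SKEW_SECONDS = 300        # reject timestamps older or newer than this
MAX_BODY_BYTES = 64 * 1024    # reject unexpectedly large payloads


def source_allowed(remote_addr):
    """True if the peer address falls inside one of the allowlisted networks."""
    try:
        addr = ipaddress.ip_address(remote_addr)
    except ValueError:
        return False
    return any(addr in net for net in ALLOWED_SOURCES)


def sign(body, timestamp, secret=SHARED_SECRET):
    """Expected token: HMAC-SHA256 over '<timestamp>.<body>' (assumed scheme)."""
    msg = str(timestamp).encode() + b"." + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def check_webhook(remote_addr, headers, body, now=None):
    """Return (accepted, reason). Cheapest checks run first; every failure
    path is explicit so it can be logged and alerted on."""
    now = int(time.time()) if now is None else now

    if not source_allowed(remote_addr):
        return False, "source-not-allowlisted"

    if len(body) > MAX_BODY_BYTES:
        return False, "body-too-large"

    try:
        ts = int(headers.get("X-Webhook-Timestamp", ""))
    except ValueError:
        return False, "missing-timestamp"
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "stale-timestamp"

    presented = headers.get("X-Webhook-Signature", "")
    expected = sign(body, ts)
    # compare_digest avoids leaking the mismatch position through timing
    if not hmac.compare_digest(presented.encode(), expected.encode()):
        return False, "bad-signature"

    try:
        payload = json.loads(body)
    except ValueError:
        return False, "malformed-json"
    if not isinstance(payload, dict) or "event" not in payload:
        return False, "unexpected-shape"

    return True, "ok"


def audit_line(remote_addr, reason, accepted):
    """One structured log line per request, for the advisory's monitoring step."""
    return json.dumps({"src": remote_addr, "accepted": accepted, "reason": reason})


if __name__ == "__main__":
    # Constructed sample traffic: one allowlisted sender, one not.
    body = b'{"event": "ping"}'
    ts = int(time.time())
    headers = {"X-Webhook-Timestamp": str(ts), "X-Webhook-Signature": sign(body, ts)}
    for src in ("203.0.113.10", "198.51.100.7"):
        ok, why = check_webhook(src, headers, body)
        print(audit_line(src, why, ok))
```

The order of checks matters: the allowlist and size checks cost nothing and drop bulk noise before any cryptography runs, and the timestamp check is done before the signature so a replayed but otherwise valid request is still refused. Feeding every `audit_line` into the SIEM gives the "unusual webhook payloads" signal the monitoring step asks for, because each rejection reason is a separate, countable field.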

Exploitation status

Public Exploit Available: false

Analyst recommendation

Do not delay in reviewing your OpenClaw deployment. Prioritize the update of any systems utilizing the webhook feature to ensure the vulnerability is fully mitigated.