CVE-2026-41341
Published
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-components-helpers.ts. Attackers can exploit this misclassification to bypass group DM policy enforcement or trigger incorrect session handling.
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
GitHub