CVE-2026-41367
Published
CVSS v3
5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
OpenClaw versions 2026.2.14 through 2026.3.24 fail to consistently apply guild and channel policy gates to Discord button and component interactions. Attackers can trigger privileged component actions from blocked contexts by bypassing channel policy enforcement.
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
GitHub