Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-41362

OpenClaw versions 2026.2.19 before 2026.3.31 contain an improper cache isolation vulnerability in the Zalo webhook replay-dedupe mechanism that is shared across authenticated webhook targets. Attackers controlling one authenticated Zalo webhook path in multi-account deployments can suppress legitimate events on different accounts by matching event_name and message_id parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.5%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2026-41362
  • Openclaw » Openclaw » Version: 2026.2.19
    cpe:2.3:a:openclaw:openclaw:2026.2.19
  • Openclaw » Openclaw » Version: 2026.2.19-1
    cpe:2.3:a:openclaw:openclaw:2026.2.19-1
  • Openclaw » Openclaw » Version: 2026.2.19-2
    cpe:2.3:a:openclaw:openclaw:2026.2.19-2
  • Openclaw » Openclaw » Version: 2026.2.21
    cpe:2.3:a:openclaw:openclaw:2026.2.21
  • Openclaw » Openclaw » Version: 2026.2.21-1
    cpe:2.3:a:openclaw:openclaw:2026.2.21-1
  • Openclaw » Openclaw » Version: 2026.2.21-2
    cpe:2.3:a:openclaw:openclaw:2026.2.21-2
  • Openclaw » Openclaw » Version: 2026.2.22
    cpe:2.3:a:openclaw:openclaw:2026.2.22
  • Openclaw » Openclaw » Version: 2026.2.22-1
    cpe:2.3:a:openclaw:openclaw:2026.2.22-1
  • Openclaw » Openclaw » Version: 2026.2.22-2
    cpe:2.3:a:openclaw:openclaw:2026.2.22-2
  • Openclaw » Openclaw » Version: 2026.2.23
    cpe:2.3:a:openclaw:openclaw:2026.2.23
  • Openclaw » Openclaw » Version: 2026.2.24
    cpe:2.3:a:openclaw:openclaw:2026.2.24
  • Openclaw » Openclaw » Version: 2026.2.25
    cpe:2.3:a:openclaw:openclaw:2026.2.25
  • Openclaw » Openclaw » Version: 2026.2.26
    cpe:2.3:a:openclaw:openclaw:2026.2.26
  • Openclaw » Openclaw » Version: 2026.2.61
    cpe:2.3:a:openclaw:openclaw:2026.2.61
  • Openclaw » Openclaw » Version: 2026.2.62
    cpe:2.3:a:openclaw:openclaw:2026.2.62
  • Openclaw » Openclaw » Version: 2026.2.63
    cpe:2.3:a:openclaw:openclaw:2026.2.63
  • Openclaw » Openclaw » Version: 2026.3.1
    cpe:2.3:a:openclaw:openclaw:2026.3.1
  • Openclaw » Openclaw » Version: 2026.3.11
    cpe:2.3:a:openclaw:openclaw:2026.3.11
  • Openclaw » Openclaw » Version: 2026.3.12
    cpe:2.3:a:openclaw:openclaw:2026.3.12
  • Openclaw » Openclaw » Version: 2026.3.13
    cpe:2.3:a:openclaw:openclaw:2026.3.13
  • Openclaw » Openclaw » Version: 2026.3.2
    cpe:2.3:a:openclaw:openclaw:2026.3.2
  • Openclaw » Openclaw » Version: 2026.3.22
    cpe:2.3:a:openclaw:openclaw:2026.3.22
  • Openclaw » Openclaw » Version: 2026.3.23
    cpe:2.3:a:openclaw:openclaw:2026.3.23
  • Openclaw » Openclaw » Version: 2026.3.23-2
    cpe:2.3:a:openclaw:openclaw:2026.3.23-2
  • Openclaw » Openclaw » Version: 2026.3.24
    cpe:2.3:a:openclaw:openclaw:2026.3.24
  • Openclaw » Openclaw » Version: 2026.3.25
    cpe:2.3:a:openclaw:openclaw:2026.3.25
  • Openclaw » Openclaw » Version: 2026.3.28
    cpe:2.3:a:openclaw:openclaw:2026.3.28
  • Openclaw » Openclaw » Version: 2026.3.7
    cpe:2.3:a:openclaw:openclaw:2026.3.7
  • Openclaw » Openclaw » Version: 2026.3.8
    cpe:2.3:a:openclaw:openclaw:2026.3.8


Products
Pricing
Contact Us

Shodan ® - All rights reserved