CVE-2026-8305— OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-8305
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authentication
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component bluebubbles Webhook. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 2026.2.12 is sufficient to resolve this issue. The patch is named a6653be0265f1f02b9de46c06f52ea7c81a836e6. The affected component should be upgraded.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenClaw 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw 2026.1.24及之前版本存在授权问题漏洞,该漏洞源于bluebubbles Webhook组件中extensions/bluebubbles/src/monitor.ts文件的handleBlueBubblesWebhookRequest函数,可能导致身份验证不当。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | OpenClaw | 2026.1.0 | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-8305
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-8305
请登录查看更多情报信息。
- https://github.com/openclaw/openclaw/issues/13786issue-tracking
- https://vuldb.com/submit/809371third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-8305
Same Patch Batch · n/a · 2026-05-11 · 48 CVEs total
| CVE-2026-8261 | 5.9 MEDIUM | Squirrel sqobject.cpp Load heap-based overflow |
| CVE-2026-8258 | 5.3 MEDIUM | Squirrel sqstdstring.cpp validate_format stack-based overflow |
| CVE-2026-8292 | 4.3 MEDIUM | Open5GS NRF conv.c yuarel_parse denial of service |
| CVE-2026-8266 | 4.3 MEDIUM | Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_accept denial of service |
| CVE-2026-8267 | 4.3 MEDIUM | Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of service |
| CVE-2026-8268 | 4.3 MEDIUM | Open5GS SMF OpenAPI_list_create denial of service |
| CVE-2026-8269 | 4.3 MEDIUM | Open5GS SMF smf_nsmf_handle_create_sm_context denial of service |
| CVE-2026-8270 | 4.3 MEDIUM | Open5GS SMF ogs_nas_parse_qos_rules denial of service |
| CVE-2026-8290 | 4.3 MEDIUM | Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service |
| CVE-2026-8291 | 4.3 MEDIUM | Open5GS NRF nnrf-handler.c ogs_nnrf_nfm_handle_nf_profile denial of service |
| CVE-2026-8288 | 4.3 MEDIUM | Open5GS SMF gsm-handler.c denial of service |
| CVE-2026-8289 | 4.3 MEDIUM | Open5GS SMF nsmf-handler.c smf_nsmf_handle_update_data_in_vsmf denial of service |
| CVE-2026-8276 | 3.7 LOW | bettercap MySQL Server mysql_server.go integer coercion |
| CVE-2026-8275 | 3.7 LOW | bettercap zerogod IPP Service zerogod_ipp_primitives.go ippReadChunkedBody integer coercio |
| CVE-2025-61313 | docuForm FSM Server 跨站脚本漏洞 | |
| CVE-2025-61307 | docuForm FSM Server 跨站脚本漏洞 | |
| CVE-2025-61305 | docuForm FSM Server 跨站脚本漏洞 | |
| CVE-2025-61309 | docuForm FSM Server 跨站脚本漏洞 | |
| CVE-2025-65415 | docuForm FSM Server 授权问题漏洞 | |
| CVE-2026-31252 | CosyVoice 安全漏洞 |
Showing top 20 of 48 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: OpenClaw
- CVE-2026-45006
OpenClaw < 2026.4.23 - Unsafe Config Mutation via Gateway To - CVE-2026-45005
OpenClaw < 2026.4.23 - Webhook Route Secret Cache Not Invali - CVE-2026-45004
OpenClaw < 2026.4.23 - Arbitrary Code Execution via setup-ap - CVE-2026-45003
OpenClaw < 2026.4.22 - Connector Endpoint Host Override via - CVE-2026-45002
OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template
Same vendor: n/a
- CVE-2026-6638
PostgreSQL REFRESH PUBLICATION allows SQL injection via tabl - CVE-2026-6575
PostgreSQL pg_restore_attribute_stats accepts values that ca - CVE-2026-6637
PostgreSQL refint allows stack buffer overflow and SQL injec - CVE-2026-6479
PostgreSQL SSL/GSS init causes denial of service, via uncont - CVE-2026-6478
PostgreSQL discloses MD5-hashed passwords via covert timing
Same weakness: CWE-287
- CVE-2026-5229
Receive Notifications After Form Submitting – Form Notify fo - CVE-2026-8621
Crabbox < v0.12.0 Authentication Bypass via Header Spoofing - CVE-2026-20182
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulne - CVE-2026-8181
Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to - CVE-2026-44351
fast-jwt: Empty HMAC secret accepted via async key resolver
V. Comments for CVE-2026-8305
No comments yet