CVE-2026-41362 | OpenClaw up to 2026.3.30 Zalo Webhook Replay-Dedupe event_name/message_id exposure of resource (GHSA-fqrj-m88p-qf3v)

A vulnerability classified as problematic was found in OpenClaw up to 2026.3.30. Affected by this vulnerability is an unknown functionality of the component Zalo Webhook Replay-Dedupe Handler. The manipulation of the argument event_name/message_id results in exposure of resource.

This vulnerability was named CVE-2026-41362. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More