CVE-2026-34506 | OpenClaw up to 2026.3.7 Microsoft Teams Plugin team/channel groupAllowFrom authorization (GHSA-g7cr-9h7q-4qxq)

A vulnerability classified as problematic has been found in OpenClaw up to 2026.3.7. Affected is an unknown function of the file team/channel of the component Microsoft Teams Plugin. The manipulation of the argument groupAllowFrom leads to incorrect authorization.

This vulnerability is listed as CVE-2026-34506. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More