CVE-2026-35670.yaml
info:
  name: OpenClaw
  cve: CVE-2026-35670
  summary: OpenClaw versions before 2026.3.22 are affected by a webhook reply rebinding vulnerability
  details: OpenClaw versions before 2026.3.22 contain a webhook reply delivery vulnerability. An attacker can rebind chat replies to an unintended user by exploiting mutable username matching (rather than stable numeric user identifiers). By manipulating username changes, an attacker can redirect webhook-triggered replies to a different user, bypassing the intended recipient binding recorded in the webhook event.
  cvss: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
  severity: MEDIUM
  security_advise: Upgrade OpenClaw to 2026.3.22 or later to fix this vulnerability.
  references:
    - https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87
    - https://github.com/openclaw/openclaw/commit/7ade3553b74ee3f461c4acd216653d5ba411f455
    - https://github.com/openclaw/openclaw/security/advisories/GHSA-wv46-v6xc-2qhf
    - https://www.vulncheck.com/advisories/openclaw-webhook-reply-rebinding-via-username-resolution-in-synology-chat
rule: version < "2026.3.22"
references:
  - https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87
  - https://github.com/openclaw/openclaw/commit/7ade3553b74ee3f461c4acd216653d5ba411f455
  - https://github.com/openclaw/openclaw/security/advisories/GHSA-wv46-v6xc-2qhf
  - https://www.vulncheck.com/advisories/openclaw-webhook-reply-rebinding-via-username-resolution-in-synology-chat