CVE-2026-26316
Received Received - Intake
Authentication Bypass in OpenClaw BlueBubbles Plugin via Loopback Trust

Publication date: 2026-02-19

Last updated on: 2026-02-24

Assigner: GitHub, Inc.

Description
OpenClaw is a personal AI assistant. Prior to 2026.2.13, the optional BlueBubbles iMessage channel plugin could accept webhook requests as authenticated based only on the TCP peer address being loopback (`127.0.0.1`, `::1`, `::ffff:127.0.0.1`) even when the configured webhook secret was missing or incorrect. This does not affect the default iMessage integration unless BlueBubbles is installed and enabled. Version 2026.2.13 contains a patch. Other mitigations include setting a non-empty BlueBubbles webhook password and avoiding deployments where a public-facing reverse proxy forwards to a loopback-bound Gateway without strong upstream authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-19
Last Modified
2026-02-24
Generated
2026-06-16
AI Q&A
2026-02-20
EPSS Evaluated
2026-06-14
NVD
CVE-2026-26316
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.13 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the BlueBubbles iMessage channel plugin for OpenClaw, a personal AI assistant. Before version 2026.2.13, the plugin could accept webhook requests as authenticated solely based on the TCP peer address being loopback (such as 127.0.0.1 or ::1), even if the configured webhook secret was missing or incorrect.

This means that if BlueBubbles is installed and enabled, an attacker or process on the local machine could send webhook requests that would be trusted without proper authentication.

The default iMessage integration is not affected unless BlueBubbles is specifically installed and enabled.

Impact Analysis

The vulnerability allows unauthorized webhook requests to be accepted as authenticated if they originate from the loopback address, bypassing the webhook secret authentication.

This can lead to unauthorized actions or commands being executed via the webhook interface, potentially compromising the integrity of the system or the AI assistant's operations.

Since the CVSS score indicates a high impact on integrity (7.5 base score with high impact on integrity), attackers could manipulate or inject malicious data or commands.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.2.13 or later, which contains a patch addressing the issue.

Additionally, set a non-empty BlueBubbles webhook password to ensure authentication is properly enforced.

Avoid deployments where a public-facing reverse proxy forwards requests to a loopback-bound Gateway without strong upstream authentication.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-26316. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart