CVE-2026-41365
Sender Allowlist Bypass in OpenClaw MS Teams Thread History
Publication date: 2026-04-28
Last updated on: 2026-04-28
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | to 2026.3.31 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-441 | The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
CVE-2026-41365 allows attackers with limited privileges to bypass sender allowlist filtering in Microsoft Teams thread history accessed via the Graph API, potentially exposing messages that should be restricted.
This unauthorized access to message history could lead to exposure of sensitive or confidential information, which may impact compliance with data protection regulations such as GDPR or HIPAA that require strict access controls and protection of personal or health-related data.
By circumventing message filtering restrictions, the vulnerability increases the risk of unauthorized data disclosure, thereby potentially violating regulatory requirements for data confidentiality and access management.
Can you explain this vulnerability to me?
CVE-2026-41365 is a vulnerability in OpenClaw versions before 2026.3.31 that affects Microsoft Teams thread history accessed via the Microsoft Graph API. The issue is a sender allowlist bypass, meaning attackers with limited privileges can retrieve thread messages that should be filtered out by sender allowlists. This allows unauthorized access to messages that are supposed to be restricted, bypassing message filtering controls.
The vulnerability is classified under CWE-441 (Unintended Proxy or Intermediary, also known as 'Confused Deputy'). It has a medium severity rating with a CVSS v4 score of 5.3, indicating a network attack vector with low attack complexity and no user interaction required. The impact on confidentiality and integrity is low, and there is no impact on availability.
How can this vulnerability impact me? :
This vulnerability allows attackers with limited privileges to bypass sender allowlists and access Microsoft Teams thread messages that should be restricted. As a result, unauthorized users can retrieve sensitive or private message history that was intended to be filtered out, potentially exposing confidential information.
The bypass of message filtering controls increases the risk of information disclosure and could allow injection of untrusted content into the processing context of the agent handling these messages, which might lead to further security issues.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a sender allowlist bypass in Microsoft Teams thread history fetched via the Graph API in OpenClaw versions prior to 2026.3.31. Detection would involve monitoring or inspecting Graph API calls related to Microsoft Teams thread history to identify if messages from unauthorized senders are being retrieved.
Since the vulnerability allows attackers with limited privileges to bypass sender allowlists, detection could include checking logs or network traffic for unusual or unauthorized access to thread messages that should be filtered.
Specific commands are not provided in the available resources. However, general approaches might include:
- Using Microsoft Graph API audit logs or monitoring tools to review thread history fetch requests and verify sender filtering.
- Inspecting OpenClaw application logs for versions prior to 2026.3.31 to detect if thread messages include senders outside the configured allowlist.
- Using network monitoring tools to capture and analyze API calls to Microsoft Graph API related to Teams thread history.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade OpenClaw to version 2026.3.31 or later, where the vulnerability has been fixed by implementing proper sender allowlist filtering in Microsoft Teams thread history fetched via the Graph API.
This update enforces filtering of thread messages to include only those sent by authorized users, preventing unauthorized access to restricted messages.
Until the upgrade can be applied, consider reviewing and tightening access controls and monitoring for suspicious activity related to Microsoft Teams thread history access.