CVE-2026-25474
OpenClaw has a Telegram webhook request forgery (missing `channels.telegram.webhookSecret`) → auth bypass
Description
## Summary

In Telegram webhook mode, if `channels.telegram.webhookSecret` is not set, OpenClaw may accept webhook HTTP requests without verifying Telegram's secret token header. In deployments where the webhook endpoint is reachable by an attacker, this can allow forged Telegram updates (for example spoofing `message.from.id`).

Note: Telegram webhook mode is not enabled by default. It is enabled only when `channels.telegram.webhookUrl` is configured.

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected: `<= 2026.1.30`
- Patched: `>= 2026.2.1`

## Impact

If an attacker can reach the webhook endpoint, they may be able to send forged updates that are processed as if they came from Telegram. Depending on enabled commands/tools and configuration, this could lead to unintended bot actions.

## Mitigations / Workarounds

- Set a strong `channels.telegram.webhookSecret` and ensure your reverse proxy forwards the `X-Telegram-Bot-Api-Secret-Token` header unchanged.
- Restrict network access to the webhook endpoint (for example bind to loopback and only expose via a reverse proxy).

## Fix Commit(s)

- ca92597e1f9593236ad86810b66633144b69314d (config validation: `webhookUrl` requires `webhookSecret`)

Defense-in-depth / supporting fixes:

- 5643a934799dc523ec2ef18c007e1aa2c386b670 (default webhook listener bind host to loopback)
- 3cbcba10cf30c2ffb898f0d8c7dfb929f15f8930 (bound webhook request body size/time)
- 633fe8b9c17f02fcc68ecdb5ec212a5ace932f09 (runtime guard: reject webhook startup when secret is missing/empty)

Thanks @yueyueL for reporting.
How to fix CVE-2026-25474
To remediate CVE-2026-25474, upgrade the affected package to a fixed version below.
- Upgrade `openclaw` to 2026.2.1 or later
Is CVE-2026-25474 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- `openclaw` (npm): all versions from 0 up to, but not including, 2026.2.1