CVE-2026-29606
OpenClaw Twilio voice-call webhook auth bypass when ngrok loopback compatibility is enabled
Description
## Summary

A Twilio webhook signature-verification bypass in the voice-call extension could allow unauthenticated webhook requests when a specific ngrok free-tier compatibility option is enabled.

## Impact

This issue is limited to configurations that explicitly enable and expose the voice-call webhook endpoint.

Not affected by default:

- The voice-call extension is optional and disabled by default.
- The bypass only applied when `tunnel.allowNgrokFreeTierLoopbackBypass` was explicitly enabled.
- Exploitation required the webhook to be reachable (typically via a public ngrok URL during development).

Worst case (when exposed and the option was enabled):

- An external attacker could send forged requests to the publicly reachable webhook endpoint that would be accepted without a valid `X-Twilio-Signature`.
- This could result in unauthorized webhook event handling (integrity) and request flooding (availability).

## Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected versions: `<= 2026.2.13` (latest published as of 2026-02-14)
- Patched versions: `>= 2026.2.14` (planned next release; pending publish)

## Fix

`allowNgrokFreeTierLoopbackBypass` no longer bypasses signature verification. It only enables trusting forwarded headers on loopback so the public ngrok URL can be reconstructed for correct signature validation.

Fix commit(s):

- ff11d8793b90c52f8d84dae3fbb99307da51b5c9

Thanks @p80n-sec for reporting.
How to fix CVE-2026-29606
To remediate CVE-2026-29606, upgrade the affected package to a fixed version below.
- `openclaw`: upgrade to 2026.2.14 or later
Is CVE-2026-29606 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- `openclaw`: from 0, < 2026.2.14