{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26316", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-13T16:27:51.807Z", "datePublished": "2026-02-19T21:28:33.454Z", "dateUpdated": "2026-02-20T15:41:50.888Z"}, "containers": {"cna": {"title": "OpenClaw has BlueBubbles webhook auth bypass via loopback proxy trust", "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pchc-86f6-8758", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pchc-86f6-8758"}, {"name": "https://github.com/openclaw/openclaw/commit/743f4b28495cdeb0d5bf76f6ebf4af01f6a02e5a", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclaw/openclaw/commit/743f4b28495cdeb0d5bf76f6ebf4af01f6a02e5a"}, {"name": "https://github.com/openclaw/openclaw/commit/f836c385ffc746cb954e8ee409f99d079bfdcd2f", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclaw/openclaw/commit/f836c385ffc746cb954e8ee409f99d079bfdcd2f"}, {"name": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.13", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.13"}], "affected": [{"vendor": "openclaw", "product": "openclaw", "versions": [{"version": "< 2026.2.13", "status": "affected"}]}, {"vendor": "openclaw", "product": "@openclaw/bluebubbles", "versions": [{"version": "< 2026.2.13", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-19T21:28:33.454Z"}, "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. Prior to 2026.2.13, the optional BlueBubbles iMessage channel plugin could accept webhook requests as authenticated based only on the TCP peer address being loopback (`127.0.0.1`, `::1`, `::ffff:127.0.0.1`) even when the configured webhook secret was missing or incorrect. This does not affect the default iMessage integration unless BlueBubbles is installed and enabled. Version 2026.2.13 contains a patch. Other mitigations include setting a non-empty BlueBubbles webhook password and avoiding deployments where a public-facing reverse proxy forwards to a loopback-bound Gateway without strong upstream authentication."}], "source": {"advisory": "GHSA-pchc-86f6-8758", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-20T15:32:08.946229Z", "id": "CVE-2026-26316", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T15:41:50.888Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-20T15:32:08.946229Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T15:32:10.864Z"}}], "cna": {"title": "OpenClaw has BlueBubbles webhook auth bypass via loopback proxy trust", "source": {"advisory": "GHSA-pchc-86f6-8758", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "openclaw", "product": "openclaw", "versions": [{"status": "affected", "version": "< 2026.2.13"}]}, {"vendor": "openclaw", "product": "@openclaw/bluebubbles", "versions": [{"status": "affected", "version": "< 2026.2.13"}]}], "references": [{"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pchc-86f6-8758", "name": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pchc-86f6-8758", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/openclaw/openclaw/commit/743f4b28495cdeb0d5bf76f6ebf4af01f6a02e5a", "name": "https://github.com/openclaw/openclaw/commit/743f4b28495cdeb0d5bf76f6ebf4af01f6a02e5a", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/openclaw/openclaw/commit/f836c385ffc746cb954e8ee409f99d079bfdcd2f", "name": "https://github.com/openclaw/openclaw/commit/f836c385ffc746cb954e8ee409f99d079bfdcd2f", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.13", "name": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.13", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. Prior to 2026.2.13, the optional BlueBubbles iMessage channel plugin could accept webhook requests as authenticated based only on the TCP peer address being loopback (`127.0.0.1`, `::1`, `::ffff:127.0.0.1`) even when the configured webhook secret was missing or incorrect. This does not affect the default iMessage integration unless BlueBubbles is installed and enabled. Version 2026.2.13 contains a patch. Other mitigations include setting a non-empty BlueBubbles webhook password and avoiding deployments where a public-facing reverse proxy forwards to a loopback-bound Gateway without strong upstream authentication."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-19T21:28:33.454Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26316", "state": "PUBLISHED", "dateUpdated": "2026-02-20T15:41:50.888Z", "dateReserved": "2026-02-13T16:27:51.807Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-19T21:28:33.454Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "E4A04671-72CA-4A53-A994-F382557349BB", "versionEndExcluding": "2026.2.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw is a personal AI assistant. Prior to 2026.2.13, the optional BlueBubbles iMessage channel plugin could accept webhook requests as authenticated based only on the TCP peer address being loopback (`127.0.0.1`, `::1`, `::ffff:127.0.0.1`) even when the configured webhook secret was missing or incorrect. This does not affect the default iMessage integration unless BlueBubbles is installed and enabled. Version 2026.2.13 contains a patch. Other mitigations include setting a non-empty BlueBubbles webhook password and avoiding deployments where a public-facing reverse proxy forwards to a loopback-bound Gateway without strong upstream authentication."}, {"lang": "es", "value": "OpenClaw es un asistente personal de IA. Antes de 2026.2.13, el plugin opcional del canal iMessage de BlueBubbles pod\u00eda aceptar solicitudes de webhook como autenticadas bas\u00e1ndose \u00fanicamente en que la direcci\u00f3n de par TCP fuera de bucle invertido ('127.0.0.1', '::1', '::ffff:127.0.0.1') incluso cuando el secreto de webhook configurado faltaba o era incorrecto. Esto no afecta a la integraci\u00f3n predeterminada de iMessage a menos que BlueBubbles est\u00e9 instalado y habilitado. La versi\u00f3n 2026.2.13 contiene un parche. Otras mitigaciones incluyen establecer una contrase\u00f1a de webhook de BlueBubbles no vac\u00eda y evitar implementaciones donde un proxy inverso de cara al p\u00fablico reenv\u00ede a un Gateway vinculado a loopback sin una fuerte autenticaci\u00f3n ascendente."}], "id": "CVE-2026-26316", "lastModified": "2026-02-24T19:59:36.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-19T22:16:47.110", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/743f4b28495cdeb0d5bf76f6ebf4af01f6a02e5a"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/openclaw/openclaw/commit/f836c385ffc746cb954e8ee409f99d079bfdcd2f"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.13"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-pchc-86f6-8758"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.2.13)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "@openclaw/bluebubbles", "source": "cna", "vendor": "openclaw"}, "product": "@openclaw/bluebubbles", "vendor": "openclaw"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.2.13)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "openclaw", "source": "cna", "vendor": "openclaw"}, "product": "openclaw", "vendor": "openclaw"}], "analysis": {"en": {"generated_at": "2026-04-18T11:42:11.185435+00:00", "value": {"mitigation_remediation": ["Upgrade OpenClaw to version 2026.2.13 or later to apply the official patch.", "Configure a non\u2011empty webhook password for the BlueBubbles plugin so the secret is checked even for loopback traffic.", "Avoid deployments where a public reverse proxy forwards external requests to a loopback\u2011bound OpenClaw gateway without robust upstream authentication, or enforce such authentication in the proxy configuration."], "summary": {"action": "Immediate Patch", "impact": "Authentication Bypass"}, "threat_synthesis": {"affected_systems": "Any installation of the OpenClaw application that has the BlueBubbles plugin enabled and is running a version older than 2026.2.13 is affected. The default iMessage integration is not impacted unless the BlueBubbles plugin is explicitly installed and enabled. Vendors such as OpenClaw are impacted through the openclaw:openclaw product line.", "description_and_impact": "OpenClaw\u2019s optional BlueBubbles iMessage channel plugin allowed webhook requests that originated from the local loopback interface to be treated as authenticated even when no webhook secret was configured or when the secret was incorrect, effectively bypassing the authentication mechanism. This flaw made it possible for an attacker to execute commands or access data through the plugin as if they were a legitimate webhook source. The vulnerability is identified as a CWE\u2011863 authorization flaw.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity vulnerability, while the EPSS score of under 1% suggests that exploitation opportunities are currently very limited. Because the flaw relies on loopback traffic, a local attacker or a remote adversary who can manipulate a public\u2011facing reverse proxy to forward traffic to the loopback\u2011bound OpenClaw gateway can exploit the issue. The vulnerability is not listed in CISA\u2019s KEV catalog, so no publicly known exploits have been reported to date."}}}}, "created": "2026-02-20T09:53:51.783333+00:00", "updated": "2026-04-18T11:45:44.599964+00:00", "vendors": ["openclaw", "openclaw$PRODUCT$@openclaw/bluebubbles", "openclaw$PRODUCT$openclaw"]}