CVE-2026-41343 — MEDIUM (5.3)

Q: How severe is CVE-2026-41343?

CVE-2026-41343 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-41343?

Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.

Vulnerability Description

OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook endpoint with concurrent requests before signature verification to exhaust resources and degrade service availability.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Openclaw	Openclaw	< 2026.3.31

Related Weaknesses (CWE)

CWE-799

References

https://github.com/openclaw/openclaw/commit/57c47d8c7fbf5a2e70cc4dec238097796890Patch
https://github.com/openclaw/openclaw/security/advisories/GHSA-qcc3-jqwp-5vh2Vendor Advisory
https://www.vulncheck.com/advisories/openclaw-denial-of-service-via-line-webhookThird Party Advisory

FAQ

What is CVE-2026-41343?

CVE-2026-41343 is a vulnerability with a CVSS score of 5.3 (MEDIUM). OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook en...

How severe is CVE-2026-41343?

CVE-2026-41343 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-41343?

Check the references section above for vendor advisories and patch information. Affected products include: Openclaw Openclaw.