CVE-2026-35635 PUBLISHED

OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat

Assigner: VulnCheck
Reserved: 04.04.2026 Published: 09.04.2026 Updated: 09.04.2026

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access control policies and replace route ownership across accounts.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
CVSS Score: 6.3

Product Status

Vendor OpenClaw
Product OpenClaw
Versions Default: unaffected
  • affected from 0 to 2026.3.22 (excl.)
  • Version 2026.3.22 is unaffected

Credits

  • tdjackey reporter

References

Problem Types

  • CWE-706: Use of Incorrectly-Resolved Name or Reference CWE