CVE-2026-24764

3.7 LOW
Published: February 19, 2026 Modified: February 19, 2026
View on NVD

Description

OpenClaw (formerly Clawdbot) is a personal AI assistant users run on their own devices. In versions 2026.2.2 and below, when the Slack integration is enabled, channel metadata (topic/description) can be incorporated into the model's system prompt. Prompt injection is a documented risk for LLM-driven systems. This issue increases the injection surface by allowing untrusted Slack channel metadata to be treated as higher-trust system input. This issue has been fixed in version 2026.2.3.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/openclaw/openclaw/commit/35eb40a7000b59085e9c638a80fd03917c7a095e
Source: security-advisories@github.com
Patch
https://github.com/openclaw/openclaw/releases/tag/v2026.2.3
Source: security-advisories@github.com
Product Release Notes
https://github.com/openclaw/openclaw/security/advisories/GHSA-782p-5fr5-7fj8
Source: security-advisories@github.com
Exploit Patch Vendor Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
3.7 / 10.0
EPSS (Exploit Probability)
0.0%
8th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-74 CWE-94

Affected Vendors

openclaw

Related CVEs

CVE-2026-33136 9.3
CVE-2026-33135 9.3
CVE-2026-33134 9.3
CVE-2026-33133 N/A
CVE-2026-33132 5.3