CVE-2026-28481: OpenClaw MS Teams inbound attachment downloader leaks bearer tokens to allowlisted suffix domains
(updated )
NOTE: This only affects deployments that enable the optional MS Teams extension (Teams channel). If you do not use MS Teams, you are not impacted.
When OpenClaw downloads inbound MS Teams attachments / inline images, it may retry a URL with an Authorization: Bearer <token> header after receiving 401 or 403.
Because the default download allowlist uses suffix matching (and includes some multi-tenant suffix domains), a message that references an untrusted but allowlisted host could cause that bearer token to be sent to the wrong place.
References
- github.com/advisories/GHSA-7vwx-582j-j332
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/41cc5bcd4f1d434ad1bbdfa55b56f25025ecbf6b
- github.com/openclaw/openclaw/releases/tag/v2026.2.1
- github.com/openclaw/openclaw/security/advisories/GHSA-7vwx-582j-j332
- nvd.nist.gov/vuln/detail/CVE-2026-28481
- www.vulncheck.com/advisories/openclaw-bearer-token-leakage-via-ms-teams-attachment-downloader-suffix-matching
Code Behaviors & Features
Detect and mitigate CVE-2026-28481 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →