CVE-2026-43572 - OpenClaw 2026.4.10 < 2026.4.14 - Missing Sender Authorization in Microsoft Teams SSO Invoke Handler
CVE ID :CVE-2026-43572 Published : May 5, 2026, 11:25 a.m. | 47 minutes ago Description :OpenClaw versions 2026.4.10 before 2026.4.14 contain a missing authorization vulnerability in the Microsoft Teams SSO invoke handler that fails to apply sender allowlist checks. Attackers can bypass sender
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
- [CYBER] Stop triaging Go CVEs that don't affect you
- [CYBER] Gaza: Israeli strikes kill 2 Palestinians in latest truce breach
- [CYBER] Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads
- [CYBER] The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
- [CYBER] Fake SSA Emails Drive Venomous#Helper Phishing Campaign