Known Vulnerabilities for Feishu by Openclaw
Listed below are 8 of the newest known vulnerabilities associated with "Feishu" by "Openclaw".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-62188 json | OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu ... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-62187 json | OpenClaw Feishu tools (npm package @openclaw/feishu) in versions <= 2026.6.6 could ignore per-account disablement. A lower-tr... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-53835 json | OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu dynamic-agent bindings that allo... | Not Provided | 2026-06-12 | 2026-06-15 |
| CVE-2026-44993 json | OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies ... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-44109 json | OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that a... | Not Provided | 2026-05-06 | 2026-05-07 |
| CVE-2026-41363 json | OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInpu... | Not Provided | 2026-04-28 | 2026-04-28 |
| CVE-2026-10224 json | A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the funct... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2021-3305 json | Beijing Feishu Technology Co., Ltd Feishu v3.40.3 was discovered to contain an untrusted search path vulnerability. | Not Provided | 2022-10-18 | 2026-07-09 |