Package impact
npm / @openclaw/voice-call
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-32062 | high | 7.5 | 7.5 | 3mo ago | OpenClaw voice-call media stream validated streams after upgrade, which could allow pre-start unauthenticated sockets to increase resource pressure | |
| CVE-2026-28465 | unknown | — | — | 3mo ago | OpenClaw optional voice-call plugin: webhook verification may be bypassed behind certain proxy configurations |