PT-2026-25126 · Npm · @Openclaw/Voice-Call+1

Published

2026-03-02

·

Updated

2026-03-02

CVSS v4.0

8.7

High

VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Summary

@openclaw/voice-call (and the bundled copy shipped in openclaw) accepted media-stream WebSocket upgrades before stream validation. In reachable deployments, unauthenticated pre-start sockets could be held open and increase resource pressure.

Affected Packages / Versions

  • openclaw (npm): vulnerable <= 2026.2.21-2, patched in 2026.2.22.
  • @openclaw/voice-call (npm): vulnerable <= 2026.2.21, patched in 2026.2.22.

Technical Details

Before this fix, the voice-call media-stream path upgraded sockets first and ran shouldAcceptStream() after a later start frame. This created a pre-auth window where remote clients could hold idle sockets without call/token validation.

Impact

Availability risk in deployments where the media-stream endpoint is reachable and streaming is enabled. Under sustained abuse, this could consume connection-related resources and degrade service for legitimate streams.

Remediation

The fix adds layered controls in the media-stream path:
  • strict pre-start timeout (close sockets that do not send a valid start frame quickly)
  • global pending-connection cap
  • per-IP pending-connection cap
  • total open media-stream connection cap
  • safer upgrade-path parsing in the webhook server

Fix Commit(s)

  • 1d8968c8a821ff1a05c294a1846b3bcb6f343794

Release Process Note

patched versions is pre-set to 2026.2.22 so this advisory is ready to publish once npm openclaw@2026.2.22 and @openclaw/voice-call@2026.2.22 are released.
OpenClaw thanks @jiseoung for reporting.

Fix

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400

Related Identifiers

GHSA-MFG5-7Q5G-F37J

Affected Products

@Openclaw/Voice-Call
Openclaw