CVE-2026-41331 — Telegram Audio Preflight Transcription That Vulnerability

/MEDIUM /CVSS 5.3/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
National Vulnerability Database vulnerabilitycvemedium-severitycwe-408
CVE-2026-41331 — Telegram Audio Preflight Transcription That Vulnerability

CVE-2026-41331 — OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows unauthorized group senders to trigger transcription processing. Attackers can exploit insufficient allowlist enforcement to cause resource or billing consump

What This Means For You

  • If your environment is affected by CWE-408, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-41331 updates and patches.

Related ATT&CK Techniques

T1499 Resource Hijacking Impact T1190 Exploit Public-Facing Application Initial Access

🛡️ Detection Rules

2 rules · 6 SIEM formats

2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

medium T1190 Initial Access

CVE-2026-41331 - Telegram Audio Preflight Transcription Resource Consumption

Sigma YAML — free preview
✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Export via Bot →

Indicators of Compromise

IDTypeIndicator
CVE-2026-41331 vulnerability CVE-2026-41331
CWE-408 weakness CWE-408

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 21, 2026 at 03:16 UTC

This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.

Believe this infringes your rights? Submit a takedown request.

Related Posts

Neko Virtual Browser: Authenticated RCE to Admin Takeover

CVE-2026-39386 — Neko is a a self-hosted virtual browser that runs in Docker and uses WebRTC In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1,...

vulnerabilityCVEhigh-severitycwe-20cwe-269cwe-284cwe-639cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-39378 — Path Traversal

CVE-2026-39378 — The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's...

vulnerabilityCVEmedium-severitypath-traversalcwe-22cwe-73
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-39377 — Path Traversal

CVE-2026-39377 — The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes...

vulnerabilityCVEmedium-severitypath-traversalcwe-22cwe-73
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma