Before v2026.3.23, the Plivo V2 verification path treated query-only variants of the same signed request as fresh verified work. Plivo V2 signatures authenticate baseUrl + nonce, but the replay key was derived from the full verification URL including the query string, so unsigned query-only changes minted a new verifiedRequestKey.
openclaw (npm)< 2026.3.23>= 2026.3.23v2026.3.23-2 (630f1479c44f78484dfa21bb407cbe6f171dac87)2026.3.23-2The vulnerable logic lived in extensions/voice-call/src/webhook-security.ts. V2 signature validation already canonicalized to the base URL without query parameters, but the replay key used the full verificationUrl, letting query-only variants bypass replay identity stability.
b0ce53a79cf63834660270513e26d921899b4e5b — fix(voice-call): stabilize plivo v2 replay keysThe fix commit is contained in released tags v2026.3.23 and v2026.3.23-2. The latest shipped tag and npm release both include the fix.
extensions/voice-call/src/webhook-security.ts now derives the V2 replay key with createPlivoV2ReplayKey(...), which hashes getBaseUrlNoQuery(url) plus the nonce.extensions/voice-call/src/webhook-security.test.ts contains the regression test treats query-only V2 variants as the same verified request.Thanks @smaeljaish771 for reporting.
2026.3.23Exploitability
AV:NAC:LAT:PPR:NUI:NVulnerable System
VC:NVI:HVA:NSubsequent System
SC:NSI:NSA:N8.2/CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N