OpenClaw Chat and Zalouser Extension Security Risk: Unrestricted Bot Access
CVE-2026-33578
GHSA-63mg-xp9j-jfcm
Summary
The OpenClaw chat extensions for Google Chat and Zalouser resolve the sender policy incorrectly: when only a route-level group allowlist is configured, the effective policy silently downgrades from `allowlist` to `open`, so any member of an allowlisted space or group can interact with the bot regardless of the sender restrictions the operator configured. To fix this issue, update OpenClaw to version 2026.3.28 or later.
What to do
- Update openclaw to version 2026.3.28.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.3.24 | 2026.3.28 |
Original title
OpenClaw: Google Chat and Zalouser group sender allowlist bypass via policy downgrade
Original description
## Summary
When only a route-level group allowlist was configured, sender policy resolution silently downgraded from `allowlist` to `open` instead of preserving the configured group policy.
## Impact
Any member of an allowlisted Google Chat space or Zalouser group could interact with the bot even when the operator intended sender-level restrictions.
## Affected Component
`extensions/googlechat/src/monitor-access.ts`, `extensions/zalouser/src/monitor.ts`
## Fixed Versions
- Affected: `<= 2026.3.24`
- Patched: `>= 2026.3.28`
- Latest stable `2026.3.28` contains the fix.
## Fix
Fixed by commit `e64a881ae0` (`Channels: preserve routed group policy`).
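The following TypeScript is an added illustration of the failure mode the advisory describes, not OpenClaw's code and not the content of commit `e64a881ae0`: it models a sender-policy resolver that drops the operator's configured group policy whenever a route carries its own allowlist, beside a resolver that resolves policy and allowlist independently. All names (`SenderPolicy`, `ChannelConfig`, `RouteConfig`, `resolveSenderPolicyVulnerable`, `resolveSenderPolicyFixed`, `isSenderAllowed`, the sender ids) are assumptions chosen for the example, and the scenario values are constructed.

```typescript
// Hypothetical model of CWE-863 as described in the advisory. Not OpenClaw's
// code: every name and value below is an assumption made for this example.

type SenderPolicy = "open" | "allowlist" | "disabled";

// Channel-wide settings (e.g. for all Google Chat spaces or Zalouser groups).
interface ChannelConfig {
  groupPolicy?: SenderPolicy;   // operator's intended policy for group senders
  groupAllowFrom?: string[];    // channel-wide sender allowlist
}

// Per-route settings for one space/group; each field may override the channel.
interface RouteConfig {
  groupPolicy?: SenderPolicy;
  groupAllowFrom?: string[];
}

interface ResolvedPolicy {
  policy: SenderPolicy;
  allowFrom: string[];
}

// Vulnerable shape: when the route carries its own allowlist, resolution is
// done on the route object alone, and the missing route policy silently
// becomes "open", discarding the channel-level "allowlist" the operator set.
function resolveSenderPolicyVulnerable(channel: ChannelConfig, route?: RouteConfig): ResolvedPolicy {
  if (route?.groupAllowFrom !== undefined) {
    return { policy: route.groupPolicy ?? "open", allowFrom: route.groupAllowFrom };
  }
  return { policy: channel.groupPolicy ?? "open", allowFrom: channel.groupAllowFrom ?? [] };
}

// Hardened shape: policy and allowlist are resolved independently with the same
// precedence (route override, then channel setting), so a route-level allowlist
// never changes which policy applies. If an allowlist is configured anywhere
// but no policy is, the safe inference is "allowlist", not "open".
function resolveSenderPolicyFixed(channel: ChannelConfig, route?: RouteConfig): ResolvedPolicy {
  const allowFrom = route?.groupAllowFrom ?? channel.groupAllowFrom ?? [];
  const explicit = route?.groupPolicy ?? channel.groupPolicy;
  const policy: SenderPolicy = explicit ?? (allowFrom.length > 0 ? "allowlist" : "open");
  return { policy, allowFrom };
}

// Enforcement step shared by both resolvers; unknown policies fail closed.
function isSenderAllowed(resolved: ResolvedPolicy, senderId: string): boolean {
  switch (resolved.policy) {
    case "disabled":
      return false;
    case "open":
      return true;
    case "allowlist":
      return resolved.allowFrom.includes(senderId);
    default:
      return false;
  }
}

// Constructed scenario: the operator set "allowlist" channel-wide and listed
// one trusted sender on the route for a specific space/group.
const channel: ChannelConfig = { groupPolicy: "allowlist" };
const route: RouteConfig = { groupAllowFrom: ["users/trusted-operator"] };

// Returns [vulnerable verdict, fixed verdict] for a given sender.
function compareVerdicts(senderId: string): [boolean, boolean] {
  return [
    isSenderAllowed(resolveSenderPolicyVulnerable(channel, route), senderId),
    isSenderAllowed(resolveSenderPolicyFixed(channel, route), senderId),
  ];
}

// Regression-style check an operator can run against a resolver: adding a route
// allowlist must never widen the effective policy from "allowlist" to "open".
function policyNeverWidens(resolve: (c: ChannelConfig, r?: RouteConfig) => ResolvedPolicy): boolean {
  const withRoute = resolve(channel, route).policy;
  const withoutRoute = resolve(channel, undefined).policy;
  return !(withoutRoute === "allowlist" && withRoute === "open");
}

console.log(compareVerdicts("users/unlisted-member")); // [true, false]
console.log(policyNeverWidens(resolveSenderPolicyVulnerable), policyNeverWidens(resolveSenderPolicyFixed)); // false true
```

The `policyNeverWidens` check is the property worth keeping as a unit test in any channel integration: an unlisted group member is admitted by the vulnerable resolver and rejected by the fixed one, while the listed sender passes both.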
NVD CVSS 3.1: 9.8
NVD CVSS 4.0: 5.3
Vulnerability type: CWE-863 (Incorrect Authorization)
References
- https://github.com/openclaw/openclaw/commit/e64a881ae0fb8af18e451163f4c2d611d60c...
- https://github.com/openclaw/openclaw/security/advisories/GHSA-63mg-xp9j-jfcm
- https://www.vulncheck.com/advisories/openclaw-sender-policy-allowlist-bypass-via...
- https://nvd.nist.gov/vuln/detail/CVE-2026-33578
- https://github.com/advisories/GHSA-63mg-xp9j-jfcm
Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 31 Mar 2026