5.3
OpenClaw could let unauthorized users send messages to groups
GHSA-jv6r-27ww-4gw4
Summary
An issue in OpenClaw's authorization system allowed a user who had been paired as a direct-message sender to bypass group membership checks and send messages to groups. As a result, someone who was not supposed to be in a group could send messages to it. OpenClaw fixed this issue in version 2026.2.26; earlier versions are affected.
What to do
- Update openclaw to version 2026.2.26.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.2.25 | 2026.2.26 |
Original title
OpenClaw DM pairing-store identities could satisfy group allowlist authorization
Original description
## Summary
DM pairing-store identities were incorrectly eligible for group allowlist authorization checks, enabling cross-context authorization in group message paths.
## Details
In affected versions, group allowlist evaluation could inherit identities from the DM pairing store. A sender approved via DM pairing could satisfy group sender allowlist checks without being explicitly present in `groupAllowFrom`.
This is an authorization-policy boundary issue between DM pairing and group allowlists.
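The boundary described above, modelled as an added example (this is not OpenClaw's code; every name except `groupAllowFrom` is an assumption, and the pairing-store entries and group policy are constructed): the vulnerable evaluation falls back to the DM pairing store when a sender is absent from the group allowlist, the hardened evaluation consults only the group's own allowlist, and a comparison helper lists the senders on which the two decisions disagree, which is the condition an audit of group-path authorization decisions would look for.

```javascript
// Hypothetical model of the DM-pairing / group-allowlist boundary (not OpenClaw's code).
// Constructed DM pairing store: senders approved to talk to the bot in direct messages.
const dmPairingStore = new Set(["alice@example.test", "mallory@example.test"]);

// Constructed group policy: only senders listed in groupAllowFrom may post to the group.
const groupPolicy = {
  groupId: "ops-room",
  groupAllowFrom: ["alice@example.test", "bob@example.test"],
};

// Vulnerable evaluation (the pattern the advisory describes): a sender paired via DM
// satisfies the group check even when absent from groupAllowFrom, so trust granted in
// the DM context leaks into the group context.
function isGroupSenderAllowedVulnerable(sender, policy, pairingStore) {
  if (policy.groupAllowFrom.includes(sender)) return true;
  return pairingStore.has(sender); // cross-context inheritance: the defect
}

// Hardened evaluation: group authorization is decided by the group allowlist alone.
// DM pairing approvals remain scoped to the DM path and are never consulted here.
function isGroupSenderAllowedFixed(sender, policy) {
  return policy.groupAllowFrom.includes(sender);
}

// Evaluate both policies for a list of senders and record where they diverge.
function compareDecisions(senders, policy, pairingStore) {
  return senders.map((sender) => {
    const vulnerable = isGroupSenderAllowedVulnerable(sender, policy, pairingStore);
    const fixed = isGroupSenderAllowedFixed(sender, policy);
    return { sender, vulnerable, fixed, divergent: vulnerable !== fixed };
  });
}

// Audit helper: senders that the vulnerable path would admit to the group solely
// because they are present in the pairing store. After the fix this list is empty.
function findCrossContextGrants(senders, policy, pairingStore) {
  return compareDecisions(senders, policy, pairingStore)
    .filter((d) => d.divergent)
    .map((d) => d.sender);
}

// Constructed sample senders: one on both lists, one only on the group allowlist,
// one only DM-paired, one on neither.
const sampleSenders = [
  "alice@example.test",
  "bob@example.test",
  "mallory@example.test",
  "eve@example.test",
];

console.table(compareDecisions(sampleSenders, groupPolicy, dmPairingStore));
console.log("cross-context grants:", findCrossContextGrants(sampleSenders, groupPolicy, dmPairingStore));
```

Running the block shows that only the DM-paired sender absent from `groupAllowFrom` changes outcome between the two evaluations; the hardened function takes no pairing-store argument at all, which is the simplest way to make the boundary visible in code review.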
## Affected Packages / Versions
- `openclaw` (npm): affected `<= 2026.2.25` (latest published npm version at triage time)
- `openclaw` (npm): patched `>= 2026.2.26` (planned next release)
## Fix Commit(s)
- `openclaw/openclaw@8bdda7a651c21e98faccdbbd73081e79cffe8be0`
- `openclaw/openclaw@051fdcc428129446e7c084260f837b7284279ce9`
## Release Process Note
`patched_versions` is pre-set to the planned next release (`2026.2.26`) so that, once the npm release is published, maintainers can publish the advisory without additional metadata edits.
## Maintainer Timeline Note
Maintainers landed the initial fix before this report was filed; this report still provided useful independent confirmation of the issue class and exploit path.
OpenClaw thanks @tdjackey for reporting.
CVSS 4.0 score (GHSA): 5.3
Vulnerability type
- CWE-285: Improper Authorization
- CWE-863: Incorrect Authorization
Published: 3 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026