Description
OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in the toolsBySender group policy matching that allows attackers to inherit elevated tool permissions through identifier collision attacks. Attackers can exploit untyped sender keys by forcing collisions with mutable identity values such as senderName or senderUsername to bypass sender-authorization policies and gain unauthorized access to privileged tools.
Published: 2026-03-19
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch
AI Analysis

Impact

OpenClaw versions prior to 2026.2.22 have an authorization bypass flaw where identity collisions can be used to forge elevated tool permissions. The vulnerability stems from untyped sender keys being matched against mutable identity fields such as senderName or senderUsername in the toolsBySender group policy. The flaw corresponds to a misuse of permission checks (CWE‑639) and can allow an attacker to inherit privileged tool access without proper authorization.

Affected Systems

The affected product is OpenClaw:OpenClaw. All releases before 2026.2.22 are vulnerable. The impacted component is a Node.js application identified by the CPE cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*, and the issue specifically affects the toolsBySender policy matching logic.

Risk and Exploitability

The CVSS score is 6.0, indicating medium severity. EPSS data is unavailable and the vulnerability is not listed in the KEV catalog. The attack vector implied by the description is remote, as an attacker would need to send crafted requests to the OpenClaw service. If exploited, the attacker would gain unauthorized access to privileged tools, potentially executing functions intended only for trusted senders. Overall risk is moderate, with realistic exploitation likelihood in environments where the vulnerable service is exposed to untrusted senders.

Generated by OpenCVE AI on March 19, 2026 at 23:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.2.22 or later.
  • Verify that the upgrade is applied to all affected instances and that legacy identity values are reconciled to avoid collisions.
  • Monitor logs for any unauthorized tool usage following the upgrade to confirm the issue is resolved.

Generated by OpenCVE AI on March 19, 2026 at 23:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-wpph-cjgr-7c39 OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass
History

Fri, 20 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 19 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Description OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in the toolsBySender group policy matching that allows attackers to inherit elevated tool permissions through identifier collision attacks. Attackers can exploit untyped sender keys by forcing collisions with mutable identity values such as senderName or senderUsername to bypass sender-authorization policies and gain unauthorized access to privileged tools.
Title OpenClaw < 2026.2.22 - Sender Authorization Bypass via Identity Collision in toolsBySender
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-639
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N'}

cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-20T15:50:13.097Z

Reserved: 2026-03-10T19:48:44.964Z

Link: CVE-2026-32039

cve-icon Vulnrichment

Updated: 2026-03-20T15:50:09.676Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-19T22:16:40.207

Modified: 2026-03-23T17:19:19.160

Link: CVE-2026-32039

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T10:44:15Z

Weaknesses