Description
OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message transmission.
Published: 2026-04-10
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Policy Bypass via Direct Message
Action: Apply Patch
AI Analysis

Impact

An access control flaw allows an attacker to submit verification notices that bypass the application’s direct message (DM) policy checks, enabling the sending of messages to recipients who are not part of an approved direct‑message pairing. This flaw undermines the intended communication boundaries and can expose sensitive information to unintended parties.

Affected Systems

OpenClaw versions earlier than 2026.3.25 are affected. The vulnerability exists in the core OpenClaw application running on Node.js. Any deployment running a pre-2026.3.25 release of OpenClaw should be treated as affected.

Risk and Exploitability

The CVSS score of 6.9 indicates medium‑to‑high severity. No EPSS data is available, and the vulnerability is not listed in CISA’s KEV catalog. Attackers would exploit the flaw by sending crafted verification notices over the network to users whose relationships do not satisfy the enforced DM policy. Successful exploitation requires network access to the OpenClaw instance and the ability to construct a verification notice that is accepted by the service before policy validation.

Generated by OpenCVE AI on April 10, 2026 at 17:25 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Update OpenClaw to version 2026.3.25 or later.
  • If an upgrade is not immediately possible, block or filter verification notices that target users outside allowed DM pairs.
  • Monitor logs for anomalous verification notice activity.
  • Verify that the application’s policy enforcement is correctly configured and that no other paths allow bypassing DM checks.
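
The last two actions above amount to one design rule: every outbound direct message, verification notices included, must pass the same DM policy gate, and denials must be logged. The following is an added example, not OpenClaw's code; it models the flaw class on this page (a notice path that replies to a peer before policy validation, CWE-288) beside the hardened shape. All class and function names and the pairing data are hypothetical.

```javascript
// Added example, not OpenClaw's code: a verification-notice path that replies to
// a peer without passing the DM policy gate (CWE-288, alternate path), beside a
// version where every outbound message goes through one shared gate.
class DmPolicy {
  // pairs: array of [userA, userB] approved DM pairings (constructed sample data)
  constructor(pairs) {
    this.pairs = new Set(pairs.map(([a, b]) => DmPolicy.key(a, b)));
  }
  static key(a, b) { return [a, b].sort().join('|'); }   // pairing is symmetric
  allows(sender, recipient) {
    return this.pairs.has(DmPolicy.key(sender, recipient));
  }
}

// In-memory stand-in for the chat transport; records what would have been sent.
class FakeTransport {
  constructor() { this.sent = []; }
  send(to, payload) { this.sent.push({ to, payload }); }
}

// Vulnerable shape: the notice path replies directly, skipping the policy check.
function sendVerificationNoticeUnchecked(transport, recipient, text) {
  transport.send(recipient, { type: 'verification_notice', text });
  return true;
}

// Hardened shape: one gate that every outbound DM must pass; denials are logged
// so anomalous notice activity is visible to monitoring.
function sendDm(policy, transport, log, sender, recipient, payload) {
  if (!policy.allows(sender, recipient)) {
    log.push(`dm_policy_denied type=${payload.type} from=${sender} to=${recipient}`);
    return false;
  }
  transport.send(recipient, payload);
  return true;
}

function sendVerificationNotice(policy, transport, log, sender, recipient, text) {
  return sendDm(policy, transport, log, sender, recipient, { type: 'verification_notice', text });
}

// Runs both paths against a constructed policy (alice is paired, mallory is not).
function demo() {
  const policy = new DmPolicy([['bot', 'alice']]);
  const transport = new FakeTransport(), log = [];
  const leaked = sendVerificationNoticeUnchecked(transport, 'mallory', 'verify me');
  const denied = sendVerificationNotice(policy, transport, log, 'bot', 'mallory', 'verify me');
  const allowed = sendVerificationNotice(policy, transport, log, 'bot', 'alice', 'verify me');
  return { leaked, denied, allowed, sentTo: transport.sent.map(m => m.to), log };
}
```

The unchecked path delivers to the unpaired peer; the gated path refuses it and emits a single denial log line while still delivering to the paired peer.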

Advisories
Source | ID | Title
Github GHSA | GHSA-9wqx-g2cw-vc7r | OpenClaw: Matrix Verification Notices Bypass Matrix DM Policy and Reply to Unpaired DM Peers
History

Fri, 10 Apr 2026 18:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 10 Apr 2026 16:30:00 +0000

Type | Values Removed | Values Added
Description | | OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message transmission.
Title | | OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices
First Time appeared | | Openclaw; Openclaw openclaw
Weaknesses | | CWE-288
CPEs | | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | | Openclaw; Openclaw openclaw
References | |
Metrics | | cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}
Metrics | | cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-10T17:21:38.896Z

Reserved: 2026-04-04T12:31:23.533Z

Link: CVE-2026-35647

Vulnrichment

Updated: 2026-04-10T17:21:34.417Z

NVD

Status : Analyzed

Published: 2026-04-10T17:17:05.077

Modified: 2026-04-13T20:45:57.483

Link: CVE-2026-35647

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-13T13:00:57Z

Weaknesses