Description
OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery.
Published: 2026-05-06
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw versions 2026.4.10 through 2026.4.13 do not preserve the group tool policy context when the delivery queue recovers following a media replay operation. This flaw allows an attacker to make use of queues that have already been populated with outbound media. By exploiting this recovered media after a restart or recovery, an attacker can circumvent the intended policy controls, resulting in weakened channel media restrictions and the potential for the attacker to send unfiltered media. The weakness is a classic example of improper authorization (CWE-862).

Affected Systems

The affected product is OpenClaw, versions 2026.4.10 up to, but not including, 2026.4.14. The vulnerability carries a CVSS score of 6.0, indicating a medium impact with potential for policy bypass. No exploitation probability metric (EPSS) is available, and the vulnerability is not listed in CISA's KEV catalog.

Risk and Exploitability

Because the attack requires the attacker to have access to the delivery queue and the ability to trigger a service restart or recovery, the attack vector is likely internal or privileged. The lack of EPSS data makes it hard to gauge the current threat level, but the medium CVSS score combined with the potential for policy bypass signifies that the risk is moderate to high when the affected versions are in use. Without an automated exploitation mechanism, the vulnerability is less likely to be widely abused, but it remains actionable for operators with compromised or privileged accounts.

Generated by OpenCVE AI on May 6, 2026 at 21:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply OpenClaw version 2026.4.14 or later to ensure session context is persisted during delivery queue recovery.
  • If an upgrade is not immediately possible, disable the media replay feature or configure the service to refrain from recovering queued outbound media upon restart.
  • Review and enforce group tool policies at the application layer after service restarts to re‑establish proper media restrictions.

Generated by OpenCVE AI on May 6, 2026 at 21:31 UTC.


Advisories

No advisories yet.

History

Thu, 07 May 2026 18:15:00 +0000

Type: Metrics
Values Removed: (none listed)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 06 May 2026 20:15:00 +0000

Type: Description
Values Removed: (none listed)
Values Added: OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery.

Type: Title
Values Removed: (none listed)
Values Added: OpenClaw 2026.4.10 < 2026.4.14 - Loss of Group Tool-Policy Context in Delivery Queue Recovery

Type: First Time appeared
Values Removed: (none listed)
Values Added: Openclaw; Openclaw openclaw

Type: Weaknesses
Values Removed: (none listed)
Values Added: CWE-862

Type: CPEs
Values Removed: (none listed)
Values Added: cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

Type: Vendors & Products
Values Removed: (none listed)
Values Added: Openclaw; Openclaw openclaw

Type: References
Values Removed: (none listed)
Values Added: (none listed)

Type: Metrics
Values Removed: (none listed)
Values Added: cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N'}; cvssV4_0 {'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-07T17:30:28.366Z

Reserved: 2026-05-01T17:00:54.537Z

Link: CVE-2026-43583

Vulnrichment

Updated: 2026-05-07T17:30:14.528Z

NVD

Status: Analyzed

Published: 2026-05-06T20:16:34.203

Modified: 2026-05-07T19:36:10.440

Link: CVE-2026-43583

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T00:15:05Z

Weaknesses