Description
OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been blocked by restrictive policies.
Published: 2026-05-11
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenClaw before 2026.4.20 includes a message classification flaw in its Feishu card-action callbacks that mistakenly treats direct messages as group conversations. As a result, attackers can trigger card-action flows within private chats that should normally be blocked by dmPolicy restrictions. This flaw allows policy enforcement to be bypassed for direct message contexts, potentially enabling unauthorized card actions. The root cause is incorrect classification logic, categorised as CWE-184.

Affected Systems

The affected product is OpenClaw, all releases older than version 2026.4.20. The vulnerability affects the Node.js runtime component used by the application. Users running any version before the 2026.4.20 release are at risk.

Risk and Exploitability

The CVSS score of 2.3 indicates a low severity overall. EPSS data is not available, so the likelihood of exploitation is uncertain, but the issue is not in the CISA KEV catalog. The probable attack vector is an attacker sending a crafted Feishu card-action request in a direct message, which requires the ability to initiate a card-action flow in a private conversation. No additional preconditions are listed beyond interacting with the Feishu integration. The risk remains limited, but any bypass of dmPolicy enforcement can undermine policy controls.

Generated by OpenCVE AI on May 11, 2026 at 18:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenClaw to version 2026.4.20 or later to remove the misclassification bug.
  • If your organization requires strict separation of card actions in direct messages, disable the Feishu card-action callback for direct conversations in the OpenClaw configuration.
  • Continuously monitor OpenClaw logs for unexpected card-action activity and adjust dmPolicy settings as needed to ensure policy enforcement remains effective.

Generated by OpenCVE AI on May 11, 2026 at 18:42 UTC.

Advisories

No advisories yet.

History

Tue, 12 May 2026 14:15:00 +0000

Type      Values Removed   Values Added
Metrics   -                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 11 May 2026 17:30:00 +0000

Type                 Values Removed   Values Added
Description          -                OpenClaw before 2026.4.20 contains a message classification vulnerability in Feishu card-action callbacks that misclassifies direct messages as group conversations. Attackers can bypass dmPolicy enforcement by triggering card-action flows in direct message conversations that should have been blocked by restrictive policies.
Title                -                OpenClaw < 2026.4.20 - Direct Message Misclassification in Feishu Card Actions
First Time appeared  -                Openclaw; Openclaw openclaw
Weaknesses           -                CWE-184
CPEs                 -                cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products   -                Openclaw; Openclaw openclaw
References           -                -
Metrics              -                cvssV3_1: {'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}
                                      cvssV4_0: {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Openclaw Openclaw
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-12T13:52:07.599Z

Reserved: 2026-05-08T16:41:39.934Z

Link: CVE-2026-44993

Vulnrichment

Updated: 2026-05-12T13:52:02.512Z

NVD

Status : Awaiting Analysis

Published: 2026-05-11T18:16:39.103

Modified: 2026-05-12T14:19:41.400

Link: CVE-2026-44993

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-11T18:45:25Z

Weaknesses