Description
OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied, triggering command behavior outside configured Telegram sender restrictions.
Published: 2026-06-11
Score: 7.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an authenticated user to bypass the commands.allowFrom verification in Telegram interactive callbacks, enabling them to execute commands outside of the intended sender restrictions. This can lead to unintended command execution and privilege escalation within the bot’s environment. The weakness is identified as CWE‑863.

Affected Systems

OpenClaw versions released before 2026.5.6, run on platforms supported by the product, are affected. The issue resides in the Telegram integration component that processes interactive callbacks.

Risk and Exploitability

The CVSS score of 7.7 signifies a high severity security flaw. Because the EPSS score is unavailable, the probability of real‑world exploitation cannot be determined, but the vulnerability is not listed in CISA's KEV catalog. Attackers require valid authentication to the bot and can trigger the bypass by sending a crafted callback message, then setting themselves as an authorized sender through the callback before global allowlist checks are applied. The risk is that bot administrators could be subverted to run arbitrary commands.

Generated by OpenCVE AI on June 11, 2026 at 21:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.5.6 or later, which contains the fix that restores proper commands.allowFrom validation.
  • Reconfigure the bot’s commands.allowFrom setting to explicitly whitelist only trusted Telegram user IDs, ensuring no accidental authorization.
  • Restrict callback handling to authenticated users and verify that the Telegram bot has the minimum necessary permissions.
  • Monitor bot logs for unauthorized callback activity or unexpected command executions.

Generated by OpenCVE AI on June 11, 2026 at 21:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
Description OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied, triggering command behavior outside configured Telegram sender restrictions.
Title OpenClaw < 2026.5.6 - Authorization Bypass in Telegram Interactive Callbacks via commands.allowFrom
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-863
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 7.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-11T20:05:48.548Z

Reserved: 2026-06-10T21:14:38.834Z

Link: CVE-2026-53807

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-11T21:16:22.580

Modified: 2026-06-11T21:16:22.580

Link: CVE-2026-53807

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-11T22:00:08Z

Weaknesses