CVE-2026-35647

MEDIUM

OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices

Title source: cna

Description

OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message transmission.

References (3)

[Third Party Advisory] https://github.com/openclaw/openclaw/security/advisories/GHSA-9wqx-g2cw-vc7r

[Patch] https://github.com/openclaw/openclaw/commit/2383daf5c4a4e08d9553e0e949552ad755ef9ec2

View Patch ZIP pw:eip

[Third Party Advisory] https://www.vulncheck.com/advisories/openclaw-direct-message-policy-bypass-via-verification-notices

Scores

CVSS v3 5.3

EPSS 0.0004

EPSS Percentile 10.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-288

Status published

Products (4)

npm/openclaw 0npm

OpenClaw/OpenClaw < 2026.3.25

openclaw/openclaw < 2026.3.25

OpenClaw/OpenClaw 2026.3.25

Published Apr 10, 2026

Tracked Since Apr 10, 2026