Zero Day Monitor (ZDM) © 2026
CVE-2026-35620 · CVSS 5.4 · Exploited · Patched
Vendor / product: openclaw / openclaw

OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands

Description

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce operator.admin scope. Attackers with operator.write scope can invoke /send on|off|inherit to persistently mutate the current session's sendPolicy, and execute /allowlist add commands to modify config-backed allowFrom entries and pairing-store allowlist entries without proper admin authorization.

Affected Products

Vendor | Product | Versions
openclaw | openclaw | 0 (range start; the title and description bound the affected range as all releases before 2026.3.24)

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor | Product | Source | Confidence
open source | openclaw | cert_advisory | 90%

References

  • https://github.com/openclaw/openclaw/security/advisories/GHSA-39mp-545q-w789 (third-party advisory)
  • https://github.com/openclaw/openclaw/security/advisories/GHSA-vqvg-86cc-cg83 (third-party advisory)
  • https://github.com/openclaw/openclaw/commit/ccfeecb6887cd97937e33a71877ad512741e82b2 (patch)
  • https://github.com/openclaw/openclaw/commit/ea018a68ccb92dbc735bc1df9880d5c95c63ca35 (patch)
  • https://github.com/openclaw/openclaw/commit/555b2578a8cc6e1b93f717496935ead97bfbed8b (patch)
  • https://www.vulncheck.com/advisories/openclaw-missing-authorization-in-send-and-allowlist-chat-commands (third-party advisory)

Related News (2 articles)

Tier B · BSI Advisories · 7h ago
[NEW] [high] OpenClaw: Multiple vulnerabilities
→ No new info (linked only)
Tier C · VulDB · 3d ago
CVE-2026-35620 | OpenClaw up to 2026.3.23 /send authorization (GHSA-39mp-545q-w789)
→ No new info (linked only)
CVSS 3.1: 5.4 (the page's severity label reads NONE; a 5.4 base score is Medium on the CVSS 3.1 scale, and the version history below records HIGH, so do not rely on the label)
CISA KEV: No
Actively exploited: Yes
Patch available: openclaw@2026.3.24
CWE: CWE-862 (Missing Authorization)
Published: Apr 10, 2026
Last enriched: 3d ago (v2)
Trending score: 50
Source articles: 2 (2 independent)
Info completeness: 9/14. Missing: epss, kev, exploit, iocs, mitre_attack


Related CVEs (5)

  • HIGH · CVE-2026-25253 · exploited · CISA KEV: OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value. (Trending: 96)
  • CRITICAL · CVE-2026-35647 · exploited: OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices (Trending: 69)
  • CRITICAL · CVE-2026-35663 · exploited: OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim (Trending: 59)
  • CRITICAL · CVE-2026-35669 · exploited: OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope (Trending: 59)
  • NONE (unrated) · CVE-2026-35668 · exploited: OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters (Trending: 57)


Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • Apr 10, 2026: CVE published
  • Apr 10, 2026: Discovered by ZDM
  • Apr 10, 2026: Updated: affectedVersions, severity, activelyExploited
  • Apr 13, 2026: Actively exploited
  • Apr 13, 2026: Patch available

Version History

v2 (Tier C, 3d ago, via VulDB): Updated affected versions to < 2026.3.24 (VulDB lists up to 2026.3.23, which is the same range; the fix ships in 2026.3.24), changed severity to HIGH, and marked as actively exploited. Fields changed: affectedVersions, severity, activelyExploited.
v1 (3d ago): Initial creation.