Zero Day MonitorZDM

← Back to list

5.3

CVE-2026-35647EXPLOITEDPATCHED

openclaw · openclaw

OpenClaw < 2026.3.25 - Direct Message Policy Bypass via Verification Notices

Description

OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message transmission.

Affected Products

Vendor	Product	Versions
openclaw	openclaw	npm/openclaw: <= 2026.3.24

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
open source	openclaw	cert_advisory	90%

References

https://github.com/openclaw/openclaw/security/advisories/GHSA-9wqx-g2cw-vc7r(third-party-advisory)
https://github.com/openclaw/openclaw/commit/2383daf5c4a4e08d9553e0e949552ad755ef9ec2(patch)
https://www.vulncheck.com/advisories/openclaw-direct-message-policy-bypass-via-verification-notices(third-party-advisory)

Related News (2 articles)

Tier B

BSI Advisories5h ago

[NEU] [hoch] OpenClaw: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB2d ago

CVE-2026-35647 | OpenClaw up to 2026.3.24 Direct Message authentication bypass (GHSA-9wqx-g2cw-vc7r)

→ No new info (linked only)

CVSS 3.15.3 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

2026.3.25

CWECWE-288, CWE-863

PublishedApr 10, 2026

Last enriched2d agov2

Tags

GHSA-9wqx-g2cw-vc7r

Trending Score70

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-25253EXPKEV

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

CRITICALCVE-2026-35663EXP

OpenClaw < 2026.3.25 - Privilege Escalation via Backend Reconnect Scope Self-Claim

CRITICALCVE-2026-35669EXP

OpenClaw < 2026.3.25 - Privilege Escalation via Gateway Plugin HTTP Authentication Scope

NONECVE-2026-35668EXP

OpenClaw < 2026.3.24 - Sandbox Media Root Bypass via Unnormalized mediaUrl and fileUrl Parameters

NONECVE-2026-35620EXP

OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 10, 2026

Discovered by ZDM

Apr 10, 2026

Actively Exploited

Apr 10, 2026

Patch Available

Apr 10, 2026

Updated: severity, activelyExploited, tags

Apr 10, 2026

Version History

v2

Last enriched 2d ago

v2Tier C2d ago

Updated severity to CRITICAL, marked as actively exploited, and added new tag GHSA-9wqx-g2cw-vc7r.

severityactivelyExploitedtags

via VulDB

v13d ago

Initial creation