CVE-2026-32005
MEDIUM
GHSA-x2ff-j5c2-ggpr
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
3Description
OpenClaw versions prior to 2026.2.25 fail to enforce sender authorization checks for interactive callbacks including block_action, view_submission, and view_closed in shared workspace deployments. Unauthorized workspace members can bypass allowFrom restrictions and channel user allowlists to enqueue system-event text into active sessions.
Analysis
OpenClaw versions prior to 2026.2.25 contain an authorization bypass vulnerability in interactive callback handlers (block_action, view_submission, view_closed) that allows authenticated but unauthorized workspace members to bypass sender authorization checks and enqueue arbitrary system events into active sessions. This affects shared workspace deployments where multiple users with varying permission levels coexist, enabling privilege escalation and information disclosure attacks without requiring elevated privileges or user interaction.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today