CVE-2026-26328
Received Received - Intake
Authorization Bypass in OpenClaw iMessage Group Policy Allows Trust Escalation

Publication date: 2026-02-20

Last updated on: 2026-02-26

Assigner: GitHub, Inc.

Description
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, under iMessage `groupPolicy=allowlist`, group authorization could be satisfied by sender identities coming from the DM pairing store, broadening DM trust into group contexts. Version 2026.2.14 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-20
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2026-02-20
EPSS Evaluated
2026-06-15
NVD
CVE-2026-26328
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.14 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-26328 is a vulnerability in the OpenClaw personal AI assistant affecting versions prior to 2026.2.14. When the iMessage groupPolicy is set to "allowlist", the system incorrectly allows group authorization to be satisfied by sender identities coming from the Direct Message (DM) pairing store. This means that identities authorized for direct messages could also gain unauthorized access to group contexts, broadening trust beyond intended boundaries.'}, {'type': 'paragraph', 'content': 'The root cause is improper access control and incorrect authorization checks, where the system combines the static group allowlist with DM pairing-store identities to determine group authorization. This flaw allows a sender authorized only for direct messages to execute commands in group contexts without explicit group membership.'}, {'type': 'paragraph', 'content': 'The issue was fixed in OpenClaw version 2026.2.14 by removing the inheritance of DM pairing-store identities for group authorization.'}] [3, 1]

Impact Analysis

This vulnerability allows unauthorized users, who are authorized only for direct messages, to gain high integrity access in group contexts. Specifically, they can execute or modify group commands without explicit permission.

While the vulnerability does not affect confidentiality or availability, it poses a significant risk to the integrity of group communications and commands, potentially leading to unauthorized modifications or actions within group chats.

Exploitation requires network access but has low complexity and does not require user interaction, making it easier for attackers with limited privileges to abuse.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability arises from improper authorization checks in OpenClaw versions prior to 2026.2.14, specifically when the iMessage groupPolicy is set to 'allowlist'. Detection involves verifying if your OpenClaw installation is running a vulnerable version (≀ 2026.2.13) and if the groupPolicy is configured as 'allowlist'."}, {'type': 'paragraph', 'content': 'Since the issue involves group authorization incorrectly inheriting identities from the DM pairing store, you can check your OpenClaw configuration files or logs for the presence of DM pairing-store identities being used in group authorization contexts.'}, {'type': 'paragraph', 'content': 'There are no explicit commands provided in the resources for detecting this vulnerability on your network or system. However, general steps include:'}, {'type': 'list_item', 'content': 'Check the OpenClaw version installed by running a version command such as `openclaw --version` or checking the installed package version.'}, {'type': 'list_item', 'content': "Review the iMessage groupPolicy setting in your OpenClaw configuration to see if it is set to 'allowlist'."}, {'type': 'list_item', 'content': 'Audit logs or message routing debug logs (if enabled) for evidence of sender identities from the DM pairing store being authorized in group contexts.'}, {'type': 'paragraph', 'content': 'For more detailed debugging, the release notes mention added debug logging for message routing decisions in Discord and other platforms, which might be analogous or helpful if similar logging exists for iMessage in your OpenClaw setup.'}] [2, 3]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'The primary and immediate mitigation step is to upgrade OpenClaw to version 2026.2.14 or later, where this vulnerability has been fixed by removing the inheritance of DM pairing-store identities for group authorization.'}, {'type': 'paragraph', 'content': "If upgrading immediately is not possible, consider reviewing and tightening your iMessage groupPolicy settings to avoid using 'allowlist' or to restrict group authorization explicitly to known identities, avoiding reliance on DM pairing-store identities."}, {'type': 'paragraph', 'content': 'Additionally, enable and review debug logging for message routing and authorization decisions to monitor for unauthorized group access attempts.'}, {'type': 'paragraph', 'content': 'Ultimately, upgrading to the fixed version is strongly recommended to fully address the issue.'}] [2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-26328. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart