CVE-2026-32895
Received Received - Intake
Authorization Bypass in OpenClaw System Event Handlers Enables Unauthorized Messaging

Publication date: 2026-03-21

Last updated on: 2026-03-23

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.26 fail to enforce sender authorization in member and message subtype system event handlers, allowing unauthorized events to be enqueued. Attackers can bypass Slack DM allowlists and per-channel user allowlists by sending system events from non-allowlisted senders through message_changed, message_deleted, and thread_broadcast events.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-21
Last Modified
2026-03-23
Generated
2026-06-16
AI Q&A
2026-03-21
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32895
EUVD
EUVD-2026-13970
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.26 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-32895 is a vulnerability in OpenClaw versions prior to 2026.2.26 where the system fails to enforce sender authorization in Slack system event handlers related to member and message subtype events.'}, {'type': 'paragraph', 'content': 'Specifically, unauthorized users can enqueue system events such as message_changed, message_deleted, and thread_broadcast without proper permission checks.'}, {'type': 'paragraph', 'content': "This happens because the system does not verify the sender's identity and permissions before processing these events, allowing attackers to bypass Slack direct message (DM) allowlists and per-channel user allowlists."}] [1, 2, 3]

Impact Analysis

This vulnerability allows unauthorized actors to inject Slack system events that should be restricted, potentially leading to unauthorized actions within Slack channels.

  • Bypassing DM allowlists means attackers can send system events in direct messages where they are not permitted.
  • Bypassing per-channel user allowlists means attackers can trigger events in channels where they are not authorized.

Such unauthorized events could disrupt channel membership information or message states, potentially causing confusion, misinformation, or unauthorized visibility of channel activities.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

[{'type': 'paragraph', 'content': 'To mitigate CVE-2026-32895, you should upgrade OpenClaw to version 2026.2.26 or later, which includes a fix that enforces strict sender authorization for Slack system events.'}, {'type': 'list_item', 'content': 'Ensure that the OpenClaw system event handlers for member and message subtype events use the updated authorization function `authorizeAndResolveSlackSystemEventContext` to verify sender identity and permissions.'}, {'type': 'list_item', 'content': 'Configure your Slack direct message (DM) policies (`dmPolicy`) appropriately, using "allowlist" mode to restrict events to authorized senders or "disabled" to block member and message subtype events in DMs.'}, {'type': 'list_item', 'content': 'Enforce per-channel user allowlists to block events from unauthorized users outside the allowed list.'}, {'type': 'paragraph', 'content': 'These steps prevent unauthorized injection of Slack system events by ensuring that only authorized senders can enqueue such events.'}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32895. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart