Compliance Impact

The provided context and resources do not include any information regarding the impact of CVE-2026-33578 on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves a sender policy allowlist bypass in OpenClaw's Google Chat and Zalouser extensions due to a policy downgrade issue. Detection involves verifying if your OpenClaw installation is running a vulnerable version (prior to 2026.3.28) and checking if route-level group allowlist policies are silently downgraded to open policies.

Since the issue is related to policy resolution in the OpenClaw extensions, detection can be approached by reviewing the configuration of sender allowlists and group policies in your OpenClaw deployment, especially focusing on routed groups.

There are no explicit commands provided in the resources for direct detection on a network or system. However, you can check the installed OpenClaw version with a command similar to:

• npm list openclaw

Additionally, reviewing logs or monitoring bot interactions in Google Chat or Zalouser extensions for unexpected sender interactions despite configured allowlists may help identify exploitation attempts.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.3.28 or later, where the vulnerability has been fixed by preserving routed group policies during sender policy resolution.

Ensure that your group allowlist configurations are correctly set and that routed groups have explicit sender allowlists defined to prevent fallback to open policies.

Review and apply the patch commit e64a881ae0 if you maintain a custom or forked version of OpenClaw.

Monitor bot interactions in Google Chat and Zalouser extensions for any unauthorized access attempts until the upgrade is applied.

Useful 0 Not Useful 0

Executive Summary

CVE-2026-33578 is a vulnerability in OpenClaw versions before 2026.3.28 affecting the Google Chat and Zalouser extensions. It involves a sender policy bypass caused by a policy downgrade issue at the route-level group allowlist. Specifically, when only a route-level group allowlist was configured, the sender policy resolution process incorrectly downgraded the policy from a restrictive "allowlist" to an open policy. This flaw allows attackers to bypass sender restrictions and interact with bots despite configured allowlist constraints.

The vulnerability arises because the system silently changes the intended restrictive sender policy to a more permissive one, enabling unauthorized users within an allowlisted group to send messages or commands to bots that should have been restricted.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing unauthorized users to bypass sender restrictions and interact with bots in Google Chat and Zalouser extensions. Even if you have configured allowlist policies to restrict who can send messages or commands to bots, attackers can exploit this flaw to circumvent those restrictions.

As a result, attackers could potentially send unauthorized commands or messages to bots, which may lead to unintended bot behavior, information disclosure, or disruption of automated workflows.

The severity is rated as moderate with a CVSS v4 base score of 5.3, indicating a network attack vector with low attack complexity and low impact on confidentiality, integrity, and availability.

Useful 0 Not Useful 0