Executive Summary

CVE-2026-35647 is an access control vulnerability in OpenClaw versions before 2026.3.25. It occurs because verification notices bypass direct message (DM) policy checks, allowing attackers to send verification notices and reply to users who are not paired or authorized under the DM policies. This happens due to insufficient access validation before message transmission, enabling unauthorized communication with unpaired or disallowed peers.

Technically, the vulnerability involves Matrix verification notices not being properly gated by DM access controls, which leads to an authentication and authorization flaw where verification notices circumvent intended DM restrictions.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows attackers to send verification notices and reply to users outside of the allowed direct message policies, potentially enabling unauthorized communication with users who should be inaccessible under the DM restrictions.

Because the vulnerability is remotely exploitable without any privileges or user interaction, attackers can exploit it to bypass access controls, which may lead to unauthorized interactions or social engineering attacks.

The impact on confidentiality is low, and there is no impact on availability or other security metrics, but the integrity of direct message access controls is compromised.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves unauthorized verification notices bypassing direct message (DM) policy checks in OpenClaw, allowing unpaired or unauthorized peers to send or reply to verification notices.

Detection can focus on monitoring verification notice traffic in Matrix direct messages to identify verification notices sent from users who are not paired or authorized under your DM policies.

Since the vulnerability is related to verification notices bypassing access controls, you can look for unusual or unexpected verification notice events in your system logs or network traffic.

Specific commands are not provided in the available resources, but general approaches include:

• Inspect OpenClaw or Matrix server logs for verification notice events originating from unpaired or unauthorized users.
• Use network monitoring tools (e.g., tcpdump, Wireshark) to capture and filter Matrix protocol traffic, focusing on verification notice messages.
• Implement or enable verbose logging in OpenClaw to capture blocked or allowed verification notices, as the patched version logs blocked attempts.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.3.25 or later, where the vulnerability has been fixed by properly gating verification notices with DM access checks.

If upgrading immediately is not possible, consider the following temporary measures:

• Disable Matrix DM verification notices by setting the `dmEnabled` flag to false, preventing verification notices from being processed.
• Configure the `dmPolicy` to "disabled" or a restrictive policy such as "pairing" or "allowlist" to limit verification notices only to authorized users.
• Manually maintain and enforce allowlists (`allowFrom` and `storeAllowFrom`) of user IDs permitted to send verification notices.

Additionally, monitor logs for any unauthorized verification notice attempts and block or investigate suspicious activity.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not specify any direct impact of CVE-2026-35647 on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0