CVE-2026-41406
Sender Allowlist Bypass in OpenClaw Enables Unauthorized Message Access

Publication date: 2026-04-28

Last updated on: 2026-04-30

Assigner: VulnCheck

Description
OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability that allows remote attackers to access restricted messages. Attackers can exploit fetched quoted, root, and thread context messages to bypass sender allowlist restrictions and retrieve unauthorized content.
Meta Information
Published: 2026-04-28
Last Modified: 2026-04-30
Generated: 2026-05-07
AI Q&A: 2026-04-28
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: openclaw
Product: openclaw
Version / Range: up to 2026.3.31 (excluding)
CWE
CWE-639: The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-41406 is a sender allowlist bypass vulnerability in OpenClaw versions before 2026.3.31. It allows remote attackers to access restricted messages by exploiting the way fetched quoted messages, root messages, and thread context messages are handled. Specifically, the vulnerability arises because the system does not properly enforce sender allowlist restrictions when including these messages in the conversational context, enabling unauthorized users to retrieve content that should be restricted.

The issue occurs in the Feishu integration of OpenClaw, where messages from group threads are fetched and included in the agent's context without adequate filtering based on the sender allowlist. Attackers can leverage this to bypass restrictions and access messages from senders not on the allowlist.


How can this vulnerability impact me?

This vulnerability can impact you by allowing unauthorized remote attackers to access restricted or sensitive messages that should be protected by sender allowlist controls. Attackers can retrieve unauthorized content from group threads by exploiting quoted messages, root messages, and thread context that bypass the allowlist filtering.

The unauthorized access to restricted messages can lead to information disclosure, potentially exposing sensitive or confidential data to attackers who are not authorized to view it. This could compromise privacy and security within your messaging environment.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves monitoring the handling of Feishu messages within OpenClaw, specifically checking if fetched quoted, root, and thread context messages are properly filtered against the sender allowlist.

Since the vulnerability allows unauthorized messages to bypass the sender allowlist, you can look for logs or evidence of messages being included in the agent context despite their senders not being on the allowlist.

There are no explicit commands provided in the resources for detection, but you can audit the OpenClaw logs for entries indicating skipped or included messages based on sender allowlist filtering.

Additionally, reviewing the version of OpenClaw in use can help detect vulnerability presence: versions prior to 2026.3.31 are affected.


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade OpenClaw to version 2026.3.31 or later, where the vulnerability has been fixed.

The fix involves enhanced filtering of fetched Feishu group thread context messages based on a sender allowlist, ensuring only authorized senders' messages are included in the agent context.

If upgrading immediately is not possible, review and configure the Feishu group sender allowlist settings to restrict message inclusion as much as possible.

Monitor logs for any unauthorized message inclusions and consider disabling or limiting Feishu integration temporarily until the patch can be applied.
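As an added illustration of the fix described above (example code written for this page, not OpenClaw's own implementation), the following JavaScript contrasts a context builder that applies the sender allowlist only to the message that triggered the agent with one that applies the same check to every fetched quoted, root and thread message. The message shape, the `buildContext*` function names, the allowlist semantics and the sample Feishu thread are constructed assumptions; the fixed variant also returns the ids it dropped, which is the kind of record the detection guidance above suggests auditing in logs.

```javascript
// Added example, not OpenClaw's code. Models the class of bug described in
// the advisory: the sender allowlist gates the triggering message but not the
// quoted, root and thread context messages fetched to build the agent context.
//
// Assumptions (hypothetical, not taken from the OpenClaw source):
//  - a message is { id, senderId, text }
//  - fetched thread context is { trigger, quoted, root, thread: [...] }
//  - allowlist is null (no restriction configured) or a Set of sender ids

// Constructed sample thread: only "u_alice" and "u_bob" are allowlisted;
// "u_mallory"'s messages must never reach the agent context.
const SAMPLE_THREAD = {
  trigger: { id: "m4", senderId: "u_alice", text: "@bot summarize this thread" },
  quoted:  { id: "m3", senderId: "u_mallory", text: "restricted: quoted reply" },
  root:    { id: "m1", senderId: "u_bob", text: "thread root from bob" },
  thread: [
    { id: "m1", senderId: "u_bob", text: "thread root from bob" },
    { id: "m2", senderId: "u_mallory", text: "restricted: thread message" },
    { id: "m3", senderId: "u_mallory", text: "restricted: quoted reply" },
  ],
};

const ALLOWLIST = new Set(["u_alice", "u_bob"]);

// One allowlist decision for every message, whatever path fetched it.
function isAllowed(msg, allowlist) {
  if (allowlist === null) return true;                         // no allowlist configured
  if (!msg || typeof msg.senderId !== "string") return false;  // unknown sender: fail closed
  return allowlist.has(msg.senderId);
}

// Vulnerable shape: gate on the triggering message only, then splice the
// fetched root, thread and quoted messages into the context unfiltered.
function buildContextVulnerable(fetched, allowlist) {
  if (!isAllowed(fetched.trigger, allowlist)) return null;
  const messages = [];
  if (fetched.root) messages.push(fetched.root);
  messages.push(...fetched.thread);
  if (fetched.quoted) messages.push(fetched.quoted);
  messages.push(fetched.trigger);
  return { messages, dropped: [] };
}

// Fixed shape: every fetched message passes the same allowlist check, duplicates
// are collapsed by id, and the dropped ids are returned so they can be logged.
function buildContextFiltered(fetched, allowlist) {
  if (!isAllowed(fetched.trigger, allowlist)) return null;
  const candidates = [];
  if (fetched.root) candidates.push(fetched.root);
  candidates.push(...fetched.thread);
  if (fetched.quoted) candidates.push(fetched.quoted);
  candidates.push(fetched.trigger);

  const seen = new Set();
  const messages = [];
  const dropped = [];
  for (const m of candidates) {
    if (seen.has(m.id)) continue;  // root and quoted messages usually also appear in thread
    seen.add(m.id);
    if (isAllowed(m, allowlist)) messages.push(m);
    else dropped.push(m.id);
  }
  return { messages, dropped };
}

// Helper for inspection: the sender of each message that reached the context.
function contextSenders(result) {
  return result.messages.map((m) => m.senderId);
}

// Stand-alone run: the vulnerable variant leaks u_mallory's messages into the
// context, the fixed variant keeps only allowlisted senders and reports m2, m3.
const vuln = buildContextVulnerable(SAMPLE_THREAD, ALLOWLIST);
const fixed = buildContextFiltered(SAMPLE_THREAD, ALLOWLIST);
console.log("vulnerable senders:", contextSenders(vuln));
console.log("filtered senders:  ", contextSenders(fixed), "dropped:", fixed.dropped);
```

The design point is that the allowlist decision lives in one function that is applied per message rather than per request: a context builder that gates the trigger and then trusts whatever the thread fetch returned recreates the bug no matter how strict the allowlist itself is. Returning the dropped ids gives the operator the per-message "skipped" record that the detection answer above recommends auditing.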


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-41406 allows remote attackers to bypass sender allowlist restrictions and access unauthorized message content in OpenClaw. This unauthorized access to restricted messages could potentially lead to exposure of sensitive or personal data.

Such unauthorized data access may impact compliance with data protection regulations like GDPR or HIPAA, which require strict controls on access to personal or protected health information. The vulnerability highlights risks related to improper authorization controls, which could result in data leakage or unauthorized disclosure.

The fix implemented in OpenClaw version 2026.3.31 enhances sender allowlist enforcement to prevent unauthorized message context retrieval, thereby mitigating risks that could affect regulatory compliance.

