CVE-2026-43583
Analyzed Analyzed - Analysis Complete
OpenClaw Session Context Bypass via Media Queue Recovery

Publication date: 2026-05-06

Last updated on: 2026-05-07

Assigner: VulnCheck

Description
OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-05-07
EPSS Evaluated
2026-06-14
NVD
CVE-2026-43583
EUVD
EUVD-2026-28178
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw From 2026.4.10 (inc) to 2026.4.14 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.4.14 or newer.

The fixed version persists the relevant session context with delivery queue entries to ensure recovered media dispatch undergoes the same group tool policy checks, preventing attackers from bypassing policy enforcement.

Executive Summary

This vulnerability affects OpenClaw versions 2026.4.10 before 2026.4.14. The software fails to persist session context during delivery queue recovery for media replay. As a result, attackers can exploit the recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after the service restarts or recovers.

Impact Analysis

The impact of this vulnerability is that attackers may bypass security policies related to group tools and media channel restrictions. This can lead to unauthorized media being delivered or replayed after a service restart or recovery, potentially compromising the intended controls and security measures in place.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43583. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart