CVE-2026-44991
Received Received - Intake
Authorization Bypass in OpenClaw via Wildcard Sender Configuration

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: VulnCheck

Description
OpenClaw before 2026.4.21 contains an authorization bypass vulnerability in command-auth.ts that allows non-owner senders to execute owner-enforced slash commands when wildcard inbound senders are configured without explicit owner allowFrom settings. Attackers can exploit this by sending commands like /send, /config, or /debug on affected channels to bypass owner-only command authorization checks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-21
AI Q&A
2026-05-11
EPSS Evaluated
2026-06-19
NVD
CVE-2026-44991
EUVD
EUVD-2026-29136
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.4.21 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in OpenClaw before version 2026.4.21 is an authorization bypass issue in the command-auth.ts file. It allows non-owner users to execute commands that are supposed to be restricted to owners only, such as /send, /config, or /debug.

The problem occurs when wildcard inbound senders are configured (allowFrom: ["*"]) without explicit owner allowFrom settings. In this case, the system incorrectly authorizes non-owner senders to run owner-enforced slash commands by reusing the wildcard channel sender permission for command ownership checks.

The vulnerability was fixed by requiring explicit owner identity verification for owner-enforced commands, ensuring only the actual owner or an internal operator-admin can execute these commands.

Impact Analysis

This vulnerability can allow unauthorized users to bypass owner-only command restrictions and execute sensitive slash commands such as /send, /config, or /debug on affected channels.

While it does not grant additional privileges like tool access or administrative scope, it can lead to unauthorized command execution that may disrupt operations or expose sensitive configurations.

Attackers exploiting this flaw could manipulate channel settings or send commands that should be restricted, potentially causing operational issues or unauthorized changes.

Detection Guidance

This vulnerability can be detected by checking if your OpenClaw installation is configured with wildcard inbound senders (allowFrom: ["*"]) without explicit ownerAllowFrom settings while having owner-enforced commands enabled.

You can attempt to detect exploitation by monitoring or testing if non-owner users are able to execute owner-only slash commands such as /send, /config, or /debug on affected channels.

Specifically, you might try sending these commands from a non-owner account to see if they are improperly authorized.

There are no explicit detection commands provided in the resources, but testing command execution permissions for non-owner users on owner-enforced commands is a practical approach.

Mitigation Strategies

Immediate mitigation steps include upgrading OpenClaw to version 2026.4.21 or later, where the vulnerability has been patched.

If upgrading immediately is not possible, configure explicit owner permissions by setting the commands.ownerAllowFrom property to specify concrete owner identities instead of relying on wildcard inbound sender settings.

Ensure that the channel plugin does not use allowFrom: ["*"] without explicit ownerAllowFrom settings when commands.enforceOwnerForCommands is enabled.

These steps prevent unauthorized users from bypassing owner-only command authorization checks.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44991. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart