CVE-2026-44993
OpenClaw Feishu Extension Message Classification Bypass
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | < 2026.4.20 (all releases before 2026.4.20; 2026.4.20 itself is fixed) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-184 | The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects OpenClaw versions before 2026.4.20 and sits in the Feishu extension's handling of card-action callbacks (the callback Feishu sends when a user clicks an interactive element in a card). The handler resolves the chat type incorrectly, so callbacks that originate in a direct message (DM) are classified as group conversations.
Because the policy to apply is selected by chat type, a DM card action is evaluated under the group policy rather than dmPolicy, and a restrictive dmPolicy is never consulted for it.
An attacker who can send a card action in a direct message can therefore trigger card-action flows that dmPolicy was configured to block, circumventing an intended access control. This is why the issue is classed as CWE-184: the protection relied on recognising properties of the input, and the set of recognised cases was incomplete.
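To make the classification failure and its policy consequence concrete, here is an added example that models the vulnerable and fixed resolution side by side. It is illustrative code written for this page, not OpenClaw's code. The Feishu field names and values (`chat_mode` and `chat_type` carrying "p2p" or "group", `operator_open_id` as the sender) are assumptions, and dmPolicy is modelled as either the string "disabled" or an allowlist of sender IDs; the real fix also falls back to a chat lookup when neither field is present, which is not modelled.

```python
"""Model of the OpenClaw Feishu card-action chat-type bug (CVE-2026-44993).

Added example, not OpenClaw's code. Assumed for illustration:
  - a card-action callback carries `chat_mode` = "p2p" for a direct message
    or "group" for a group chat, and may or may not carry a separate
    `chat_type` field (field names and values are assumptions, not verified
    against Feishu's callback schema);
  - dmPolicy is either the string "disabled" or a set of sender open_ids
    allowed to trigger card actions in a DM; the group policy is "open".
"""
from typing import Callable, Optional, Set, Union

DM = "dm"
GROUP = "group"

DmPolicy = Union[str, Set[str]]


def resolve_chat_type_vulnerable(callback: dict) -> str:
    """Pre-fix behaviour as the advisory describes it: only `chat_type` is
    consulted and anything else is treated as a group conversation, so a DM
    callback whose only indicator is `chat_mode` lands in the group branch."""
    if callback.get("chat_type") == "p2p":
        return DM
    return GROUP


def resolve_chat_type_fixed(callback: dict) -> Optional[str]:
    """Fixed behaviour: `chat_mode` takes precedence over `chat_type`.
    When neither field is present this illustrative version returns None so
    the caller can refuse the action; the real fix performs a (cached) chat
    lookup instead, which is not modelled here."""
    for field in ("chat_mode", "chat_type"):
        value = callback.get(field)
        if value == "p2p":
            return DM
        if value == "group":
            return GROUP
    return None


def card_action_allowed(callback: dict, dm_policy: DmPolicy,
                        resolver: Callable[[dict], Optional[str]]) -> bool:
    """Apply dmPolicy to DMs; group card actions are allowed (group policy open)."""
    chat_type = resolver(callback)
    sender = callback.get("operator_open_id")
    if chat_type == GROUP:
        return True
    if chat_type == DM:
        if isinstance(dm_policy, str):   # "disabled" (or any unknown mode) rejects all DMs
            return False
        return sender in dm_policy
    return False                         # unknown chat type: fail closed


# Constructed DM card-action callback: it carries chat_mode but no chat_type,
# which is the shape that defeats the vulnerable resolver.
DM_CALLBACK = {
    "open_chat_id": "oc_constructed_dm",
    "chat_mode": "p2p",
    "operator_open_id": "ou_unlisted_sender",
    "action": {"value": {"command": "deploy"}},
}

if __name__ == "__main__":
    policy = {"ou_trusted_admin"}  # restrictive dmPolicy: an allowlist
    print("vulnerable:", card_action_allowed(DM_CALLBACK, policy, resolve_chat_type_vulnerable))  # True
    print("fixed:     ", card_action_allowed(DM_CALLBACK, policy, resolve_chat_type_fixed))       # False
```

The unlisted sender's DM card action is accepted by the vulnerable path because the callback is routed as a group conversation, and rejected by the fixed path because `chat_mode` wins and dmPolicy is applied; a callback carrying a conflicting `chat_type` of "group" is still treated as a DM once `chat_mode` takes precedence.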
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability impact me?
The practical effect is that dmPolicy is not enforced for Feishu card actions: a sender whom dmPolicy should reject can still have card-action flows executed from a direct message.
Whatever those flows do or return (the commands a card drives, the data it surfaces) becomes reachable from DMs that were meant to be restricted, which can expose sensitive or private communications.
The result can be a privacy breach or leakage of confidential information through direct-message interactions.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The decisive check is the installed OpenClaw version: any release before 2026.4.20 with the Feishu extension in use is affected. The advisory publishes no detection command, so everything beyond the version check is behavioural.
Misclassification shows up where the chat-type fields of a card-action callback are inconsistent with how the callback was handled: a callback whose chat_mode identifies a direct message but which was routed as a group conversation, or whose chat_mode and chat_type disagree. Review whatever logs or traces your deployment keeps for Feishu card-action callbacks with that in mind, and treat a DM card action processed without dmPolicy being applied as a likely hit.
If your logs do not record these fields, add logging of the callback's chat_mode and chat_type (sanitised, since chat IDs and error details are themselves sensitive) so that classification can be verified.
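The log review described above can be scripted. The following is an added example, not a tool from OpenClaw or the advisory; the log format is constructed for this page (one JSON object per line with `event`, `chat_mode`, `chat_type`, `resolved_chat_type` and `policy` fields), and a real deployment would map its own field names in `parse_line`. The sample lines are constructed, not real telemetry.

```python
"""Scan callback logs for Feishu card actions from a DM that were handled as a group chat.

Added example for CVE-2026-44993, not OpenClaw's code. The log format is an
assumption made for this example: one JSON object per line. Adjust
`parse_line` to your deployment's real field names.
"""
import json
from typing import Iterable, List, Optional

# Constructed sample log (not real telemetry). Line 1 and line 4 are the
# misclassified cases; line 3 is a plain message event and line 5 is noise.
SAMPLE_LOG = """\
{"ts":"2026-05-11T10:00:00Z","event":"feishu.card_action","chat_id":"oc_a1","chat_mode":"p2p","resolved_chat_type":"group","policy":"groupPolicy","sender":"ou_1"}
{"ts":"2026-05-11T10:00:05Z","event":"feishu.card_action","chat_id":"oc_b2","chat_mode":"group","chat_type":"group","resolved_chat_type":"group","policy":"groupPolicy","sender":"ou_2"}
{"ts":"2026-05-11T10:00:09Z","event":"feishu.message","chat_id":"oc_a1","chat_type":"p2p","resolved_chat_type":"dm","policy":"dmPolicy","sender":"ou_1"}
{"ts":"2026-05-11T10:00:12Z","event":"feishu.card_action","chat_id":"oc_c3","chat_mode":"p2p","chat_type":"group","resolved_chat_type":"group","policy":"groupPolicy","sender":"ou_3"}
not json at all
{"ts":"2026-05-11T10:00:20Z","event":"feishu.card_action","chat_id":"oc_d4","chat_mode":"p2p","chat_type":"p2p","resolved_chat_type":"dm","policy":"dmPolicy","sender":"ou_4"}
"""


def parse_line(line: str) -> Optional[dict]:
    """Return the JSON record on this line, or None for anything unparseable."""
    try:
        rec = json.loads(line)
    except json.JSONDecodeError:
        return None
    return rec if isinstance(rec, dict) else None


def find_misclassified(lines: Iterable[str]) -> List[dict]:
    """Flag card-action callbacks whose DM indicators disagree with their handling.

    Three independent signals are checked (assumed field semantics: "p2p" marks
    a direct message, "dm" is the resolved DM type, "dmPolicy" is the policy
    name recorded when DM policy was applied):
      1. chat_mode says p2p but the callback was resolved as a group chat;
      2. chat_mode and chat_type are both present and disagree;
      3. chat_mode says p2p but dmPolicy was not the policy applied.
    """
    findings = []
    for lineno, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None or rec.get("event") != "feishu.card_action":
            continue
        mode = rec.get("chat_mode")
        ctype = rec.get("chat_type")
        resolved = rec.get("resolved_chat_type")
        reasons = []
        if mode == "p2p" and resolved == "group":
            reasons.append("chat_mode says p2p but callback was resolved as group")
        if mode is not None and ctype is not None and (mode == "p2p") != (ctype == "p2p"):
            reasons.append("chat_mode and chat_type disagree")
        if mode == "p2p" and rec.get("policy") != "dmPolicy":
            reasons.append("dmPolicy was not applied to a p2p callback")
        if reasons:
            findings.append({
                "line": lineno,
                "chat_id": rec.get("chat_id"),
                "sender": rec.get("sender"),
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for f in find_misclassified(SAMPLE_LOG.splitlines()):
        print(f"line {f['line']}: chat {f['chat_id']} sender {f['sender']}: " + "; ".join(f["reasons"]))
```

Run against a real log with `find_misclassified(open(path))`. The three signals are kept separate because a log may carry only some of the fields: a deployment that never recorded `chat_type` still gets a hit from the resolved type or the applied policy alone.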
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade OpenClaw to version 2026.4.20 or later, which contains the fix. The fix consists of three changes:
- The Feishu card-action handler resolves chat types by prioritising the chat_mode field over chat_type.
- A 30-minute TTL cache for chat-type lookups is added, intended to prevent repeated misclassification and cross-account contamination of lookups.
- Log output is sanitised so that chat IDs and error details are not leaked.
These changes ship with the upgrade; they are not separate settings to enable. After upgrading, confirm that a card action sent from a direct message is subject to dmPolicy.
If upgrading immediately is not possible, restrict Feishu card-action flows in direct messages until the patch can be applied, for instance by disabling the card-action integration or by not relying on dmPolicy as the only control, and monitor card-action callbacks for DM traffic handled under the group policy.