GHSA-72Q8-JCMC-97WX: Authorization Bypass in openclaw via Feishu Chat Misclassification
Vulnerability ID: GHSA-72Q8-JCMC-97WX
CVSS Score: 5.3
Published: 2026-04-25
OpenClaw versions prior to 2026.4.20 contain a vulnerability in the Feishu integration module: when a user interacts with a message card, the chat the card lives in is classified as a group chat even when it is a direct message (DM). Because the group policy is then applied instead of dmPolicy, a sender whom dmPolicy would reject can execute bot commands from within a private chat.
TL;DR
A flaw in OpenClaw's Feishu message parsing logic misclassifies DMs as group chats, bypassing private message access policies (dmPolicy).
Technical Details
- Vulnerability Class: Incorrect Authorization (CWE-863)
- Attack Vector: Network
- CVSS v3.1 Score: 5.3
- Exploit Status: Unexploited
- Authentication Required: None
- Impact Context: Application Level Access Control Bypass
Affected Systems
- openclaw npm package: versions < 2026.4.20 (fixed in 2026.4.20)
Code Analysis
Commit: 90979d7
Fix card action chat type resolution misclassifying DMs as group chats.
The fix adds resolveCardActionChatType, which resolves the chat type of a card action through the Feishu im.chat.get API, memoises results in an LRU cache, and defaults to p2p when resolution fails. The p2p default is the fail-closed choice: a chat whose type cannot be determined is treated as a DM, so dmPolicy still governs it rather than the (typically looser) group policy.
Mitigation Strategies
- Upgrade the openclaw package to the patched version 2026.4.20.
- Audit dmPolicy and the group policies together: the bypass only matters where the group policy admits senders that dmPolicy would reject, so tighten the group policy if it is looser than intended.
- Monitor application logs for fallback resolution warning messages.
Remediation Steps:
- Identify all projects and services utilizing the openclaw npm package.
- Update package.json to require openclaw version 2026.4.20 or greater.
- Run npm install or yarn install to fetch the patched version.
- Deploy the updated application to production environments.
- Review historical bot logs for unauthorized command execution triggered via card interactions.
References
Read the full report for GHSA-72Q8-JCMC-97WX on our website for more details including interactive diagrams and full exploit analysis.