GHSA-8m9v-xpgf-g99m
Severity: LOW (CVSS 2.5)
Published: Mar 2, 2026
Verified by: gemini-3.1-flash-lite-preview
Description
OpenClaw has an unauthorized sender bypass in its stop triggers and /models command authorization
How AI Introduced This
The application failed to properly validate authorization for specific message contexts (such as DM topics), allowing unauthorized users to trigger restricted commands or actions.
Causality Analysis
Status: CONFIRMED (blamed commit 2267d58afcc7)
- Vulnerability: Authorization Bypass
- Root Cause: The application failed to properly validate authorization for specific message contexts (such as DM topics), allowing unauthorized users to trigger restricted commands or actions.
- Pattern: Lack of topic-aware authorization checks when processing inbound messages, commands, or callbacks in Telegram DM sessions.
- Causal Chain: The initial implementation in the blamed commit checked only the group-specific allowlist (groupConfig.allowFrom) and had no fallback to the global sender allowlist, so any sender was accepted whenever no group-specific policy was defined.
- Reasoning: The blamed commit introduced the initial implementation of the Feishu bot handler, including the sender-level allowlist check. By consulting only per-group settings and ignoring the global sender allowlist, it created the authorization bypass addressed in the fix.
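To make the causal chain concrete, the following is an added illustration in TypeScript (the language of extensions/feishu/src/bot.ts); it is not OpenClaw's code and does not reproduce the project's actual handler. The config and message shapes, the field names `allowFrom` and `groups`, the command set and every function name are assumptions made for the example. The vulnerable check consults only the per-group allowlist and falls through to "allow" when no group policy exists, which is exactly the DM case; the hardened check falls back to the global allowlist and fails closed when neither is configured.

```typescript
// Added illustration of the flaw described in the causal chain; this is not
// OpenClaw's code. The config shape (`allowFrom` at bot and group level), the
// message shape and every function name below are assumptions for the example.

interface GroupConfig {
  allowFrom?: string[]; // per-group sender allowlist (assumed field name)
}

interface BotConfig {
  allowFrom?: string[]; // global sender allowlist (assumed field name)
  groups?: Record<string, GroupConfig>; // per-group overrides keyed by chat id
}

interface InboundMessage {
  chatId: string;
  senderId: string;
  isGroup: boolean; // false for a direct message
}

// Vulnerable pattern: only the group-level allowlist is consulted. A DM, or a
// group with no entry in `groups`, has no groupConfig, so the check falls
// through to `true` and the global allowlist is never applied.
function isSenderAllowedVulnerable(cfg: BotConfig, msg: InboundMessage): boolean {
  const groupAllow = cfg.groups?.[msg.chatId]?.allowFrom;
  if (groupAllow !== undefined) {
    return groupAllow.includes(msg.senderId);
  }
  return true; // no group policy: nothing restricts the sender
}

// Hardened form: the group allowlist (for group chats) takes precedence, the
// global allowlist is the fallback, and an unconfigured or empty effective
// allowlist denies rather than allows (fail closed).
function isSenderAllowedFixed(cfg: BotConfig, msg: InboundMessage): boolean {
  const groupAllow = msg.isGroup ? cfg.groups?.[msg.chatId]?.allowFrom : undefined;
  const effective = groupAllow ?? cfg.allowFrom ?? [];
  if (effective.length === 0) {
    return false;
  }
  return effective.includes(msg.senderId);
}

// Commands that should only be reachable by allowlisted senders. "/models"
// comes from the advisory title; the set itself is constructed for the example.
const RESTRICTED_COMMANDS = new Set(["/models", "/stop"]);

type Decision = "handled" | "denied" | "ignored";

// Gate a restricted command on a sender check. Passing the vulnerable check
// reproduces the bypass; passing the fixed check closes it.
function dispatchCommand(
  cfg: BotConfig,
  msg: InboundMessage,
  text: string,
  isAllowed: (cfg: BotConfig, msg: InboundMessage) => boolean,
): Decision {
  const command = text.trim().split(/\s+/)[0] ?? "";
  if (!RESTRICTED_COMMANDS.has(command)) {
    return "ignored";
  }
  return isAllowed(cfg, msg) ? "handled" : "denied";
}

// Constructed sample configuration: one global sender and one group override.
const SAMPLE_CONFIG: BotConfig = {
  allowFrom: ["ou_alice"],
  groups: { oc_team: { allowFrom: ["ou_bob"] } },
};

// Constructed sample messages (ids are invented).
const DM_FROM_STRANGER: InboundMessage = { chatId: "ou_mallory", senderId: "ou_mallory", isGroup: false };
const DM_FROM_ALICE: InboundMessage = { chatId: "ou_alice", senderId: "ou_alice", isGroup: false };
const GROUP_FROM_BOB: InboundMessage = { chatId: "oc_team", senderId: "ou_bob", isGroup: true };
const UNLISTED_GROUP_FROM_STRANGER: InboundMessage = { chatId: "oc_other", senderId: "ou_mallory", isGroup: true };

console.log(dispatchCommand(SAMPLE_CONFIG, DM_FROM_STRANGER, "/models", isSenderAllowedVulnerable)); // handled (bypass)
console.log(dispatchCommand(SAMPLE_CONFIG, DM_FROM_STRANGER, "/models", isSenderAllowedFixed)); // denied
```

The design point is the default branch: a sender check that returns "allow" when it finds no policy turns every context the author did not think of (here, DMs and unlisted groups) into an unauthenticated path. Resolving an effective allowlist first and denying on an empty result keeps one decision point and makes the missing-policy case fail closed.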
AI Signal Details
AI Signals in 2267d58
- Signal: Claude Code (co-author trailer)
- Evidence: Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Confidence: 95%
Bug-Introducing Commits (1)
2267d58 (AI-attributed)
feat(feishu): replace built-in SDK with community plugin
Author: Yifeng Wang
Date: Feb 5, 2026
File: extensions/feishu/src/bot.ts
Blame: 90%