CVE-2026-32005 in OpenClaw
Summary
by MITRE • 03/20/2026
OpenClaw versions prior to 2026.2.25 fail to enforce sender authorization checks for interactive callbacks including block_action, view_submission, and view_closed in shared workspace deployments. Unauthorized workspace members can bypass allowFrom restrictions and channel user allowlists to enqueue system-event text into active sessions.
Analysis
by VulDB Data Team • 03/25/2026
The vulnerability exists in OpenClaw versions prior to 2026.2.25, which do not validate sender authorization for interactive callbacks. It affects the block_action, view_submission, and view_closed events in shared workspace deployments. These callbacks handle user interactions and system events, but they are not subjected to the authorization check that would otherwise reject unauthorized senders: the originating sender's identity and permissions are not validated, so any member of the shared workspace can reach them.
In practice, an attacker reaches the affected code path simply by sending one of these callback requests, which bypasses the normal access-control mechanism. When a workspace member submits an action or a view, the system should verify that the requesting user is permitted to perform that operation in the relevant channel or context. Because that check is missing on the callback paths, any user with access to the shared workspace can submit these callbacks regardless of role, sidestepping the allowFrom restrictions and channel user allowlists that gate ordinary messages. This violates the principle of least privilege and allows system-event text to be enqueued into active sessions without authorization.
The operational impact is significant: unauthorized users can influence active sessions and inject system-level events that may enable further exploitation, including privilege escalation or disruption of normal operations. The issue is most dangerous in shared workspace deployments where users with varying permission levels collaborate, because it gives lower-privileged members a pathway to actions normally restricted to administrators or other authorized personnel. Possible consequences include data integrity issues, session hijacking, and unauthorized access to sensitive workspace functions.
Security teams should update to OpenClaw version 2026.2.25 or later, which enforces authorization for the affected callback mechanisms. Organizations should also review their shared workspace configurations and confirm that access controls apply to interactive callbacks, not only to ordinary messages. The vulnerability is classified under CWE-285 (Improper Authorization) and is mapped to ATT&CK technique T1078 (Valid Accounts), since exploitation requires only a legitimate workspace account. Additional defensive measures include network segmentation to limit access to callback endpoints and monitoring for unusual callback activity that might indicate exploitation attempts.
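To make the missing check concrete, the following is an added example (not OpenClaw's code) showing the unchecked callback dispatch described above beside a hardened version that runs interactive callbacks through the same sender gate as ordinary messages. The payload layout and the policy field names (allow_from, channel_users) are assumptions modelled on the advisory text, and the sample payloads are constructed.

```python
# Added example, not OpenClaw's code. Payload layout and policy field names
# (allow_from, channel_users) are assumptions modelled on the advisory text.
from dataclasses import dataclass, field

INTERACTIVE_TYPES = {"block_action", "view_submission", "view_closed"}

@dataclass
class Policy:
    allow_from: set[str]                  # global sender allowlist; "*" = anyone
    channel_users: dict[str, set[str]] = field(default_factory=dict)

def enqueue_unchecked(payload, queue):
    """Vulnerable pattern: any recognised interactive callback is enqueued
    as session text; the sender is never checked against the policy."""
    if payload["type"] in INTERACTIVE_TYPES:
        queue.append(payload["text"])
        return True
    return False

def sender_allowed(policy, user_id, channel_id):
    """The same gate an ordinary message would have to pass."""
    if "*" not in policy.allow_from and user_id not in policy.allow_from:
        return False
    if channel_id in policy.channel_users:        # channel has its own allowlist
        return user_id in policy.channel_users[channel_id]
    return True

def enqueue_checked(payload, policy, queue):
    """Hardened pattern: authorize the sender before enqueuing. View callbacks
    often carry no channel, so allow_from is enforced independently of it."""
    if payload["type"] not in INTERACTIVE_TYPES:
        return False
    user_id = payload.get("user", {}).get("id")
    channel_id = payload.get("channel", {}).get("id")
    if user_id is None or not sender_allowed(policy, user_id, channel_id):
        return False
    queue.append(payload["text"])
    return True

# Constructed sample data: one admin permitted everywhere, a guest who is
# merely a workspace member, and an ops channel restricted to the admin.
STRICT = Policy(allow_from={"U_ADMIN"}, channel_users={"C_OPS": {"U_ADMIN"}})
GUEST_SUBMIT = {"type": "view_submission", "user": {"id": "U_GUEST"},
                "text": "system: maintenance window opened"}   # no channel
GUEST_ACTION = {"type": "block_action", "user": {"id": "U_GUEST"},
                "channel": {"id": "C_OPS"}, "text": "system: approve"}
ADMIN_ACTION = {"type": "block_action", "user": {"id": "U_ADMIN"},
                "channel": {"id": "C_OPS"}, "text": "system: approve"}
```

With the strict policy, enqueue_unchecked accepts both guest payloads while enqueue_checked rejects them and admits only the admin's.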