GHSA-GP3Q-WPQ4-5C5H
Vulnerability from github – Published: 2026-03-12 14:21 – Updated: 2026-03-12 14:21Summary
In specific LINE configurations, sender IDs approved through DM pairing could also satisfy group allowlist checks when operators expected group sender access to be scoped only to explicit group allowlists.
Affected Packages / Versions
- Package:
openclaw(npm) - Latest published version at triage/update time:
2026.2.25 - Affected:
<= 2026.2.25 - Patched:
>= 2026.2.26(planned next release)
Impact
This is a group-authorization scope mismatch. DM pairing-store entries could influence group sender authorization in allowlist mode.
Technical Details
Root cause: group allowlist composition inherited pairing-store entries intended for DM approvals. Under default DM pairing policy, a DM-paired sender could match group allowlist checks.
Fixes on main:
- isolate group allowlist composition from pairing-store entries
- centralize shared DM/group allowlist composition to preserve DM-only pairing behavior
- add regression coverage for LINE and Mattermost policy paths
Fix Commit(s)
8bdda7a651c21e98faccdbbd73081e79cffe8be0892a9c24b0f6118729ab5b5f5499b1a7e792dd15(follow-up refactor hardening)
Release Process Note
patched_versions is pre-set to >= 2026.2.26 so once npm 2026.2.26 is published, this advisory can be published directly without additional version-field edits.
Thanks @tdjackey for reporting.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2026.2.25"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.2.26"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-12T14:21:45Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\nIn specific LINE configurations, sender IDs approved through DM pairing could also satisfy group allowlist checks when operators expected group sender access to be scoped only to explicit group allowlists.\n\n### Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published version at triage/update time: `2026.2.25`\n- Affected: `\u003c= 2026.2.25`\n- Patched: `\u003e= 2026.2.26` (planned next release)\n\n### Impact\nThis is a group-authorization scope mismatch. DM pairing-store entries could influence group sender authorization in allowlist mode.\n\n### Technical Details\nRoot cause: group allowlist composition inherited pairing-store entries intended for DM approvals. Under default DM pairing policy, a DM-paired sender could match group allowlist checks.\n\nFixes on `main`:\n- isolate group allowlist composition from pairing-store entries\n- centralize shared DM/group allowlist composition to preserve DM-only pairing behavior\n- add regression coverage for LINE and Mattermost policy paths\n\n### Fix Commit(s)\n- `8bdda7a651c21e98faccdbbd73081e79cffe8be0`\n- `892a9c24b0f6118729ab5b5f5499b1a7e792dd15` (follow-up refactor hardening)\n\n### Release Process Note\n`patched_versions` is pre-set to `\u003e= 2026.2.26` so once npm `2026.2.26` is published, this advisory can be published directly without additional version-field edits.\n\nThanks @tdjackey for reporting.",
"id": "GHSA-gp3q-wpq4-5c5h",
"modified": "2026-03-12T14:21:45Z",
"published": "2026-03-12T14:21:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-gp3q-wpq4-5c5h"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/892a9c24b0f6118729ab5b5f5499b1a7e792dd15"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/8bdda7a651c21e98faccdbbd73081e79cffe8be0"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "OpenClaw: LINE group allowlist scope mismatch with DM pairing-store entries"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.