GHSA-RQ6G-PX6M-C248
Vulnerability from github – Published: 2026-02-18 00:54 – Updated: 2026-02-18 00:54Summary
When multiple Google Chat webhook targets are registered on the same HTTP path, and request verification succeeds for more than one target, inbound webhook events could be routed by first-match semantics. This can cause cross-account policy/context misrouting.
Affected Packages / Versions
- npm:
openclaw<= 2026.2.13 - npm:
clawdbot<= 2026.1.24-3
Details
Affected component: extensions/googlechat/src/monitor.ts.
Baseline behavior allowed multiple webhook targets per path and selected the first target that passed verifyGoogleChatRequest(...). In shared-path deployments where multiple targets can verify successfully (for example, equivalent audience validation), inbound events could be processed under the wrong account context (wrong allowlist/session/policy).
Fix
- Fix commit (merged to
main):61d59a802869177d9cef52204767cd83357ab79e openclawwill be patched in the next planned release:2026.2.14.
clawdbot is a legacy/deprecated package name; no patched version is currently planned. Migrate to openclaw and upgrade to openclaw >= 2026.2.14.
Workaround
Ensure each Google Chat webhook target uses a unique webhook path so routing is never ambiguous.
Release Process Note
The advisory is pre-populated with the planned patched version. After the npm release is published, the remaining action should be to publish the advisory.
Thanks @vincentkoc for reporting.
Fix commit 61d59a802869177d9cef52204767cd83357ab79e confirmed on main and in v2026.2.14. Upgrade to openclaw >= 2026.2.14.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.2.14"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "clawdbot"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2026.1.24-3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-639"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-18T00:54:14Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "## Summary\nWhen multiple Google Chat webhook targets are registered on the same HTTP path, and request verification succeeds for more than one target, inbound webhook events could be routed by first-match semantics. This can cause cross-account policy/context misrouting.\n\n## Affected Packages / Versions\n- npm: `openclaw` \u003c= 2026.2.13\n- npm: `clawdbot` \u003c= 2026.1.24-3\n\n## Details\nAffected component: `extensions/googlechat/src/monitor.ts`.\n\nBaseline behavior allowed multiple webhook targets per path and selected the first target that passed `verifyGoogleChatRequest(...)`. In shared-path deployments where multiple targets can verify successfully (for example, equivalent audience validation), inbound events could be processed under the wrong account context (wrong allowlist/session/policy).\n\n## Fix\n- Fix commit (merged to `main`): `61d59a802869177d9cef52204767cd83357ab79e`\n- `openclaw` will be patched in the next planned release: `2026.2.14`.\n\n`clawdbot` is a legacy/deprecated package name; no patched version is currently planned. Migrate to `openclaw` and upgrade to `openclaw \u003e= 2026.2.14`.\n\n## Workaround\nEnsure each Google Chat webhook target uses a unique webhook path so routing is never ambiguous.\n\n## Release Process Note\nThe advisory is pre-populated with the planned patched version. After the npm release is published, the remaining action should be to publish the advisory.\n\nThanks @vincentkoc for reporting.\n\n---\n\nFix commit 61d59a802869177d9cef52204767cd83357ab79e confirmed on main and in v2026.2.14. Upgrade to `openclaw \u003e= 2026.2.14`.",
"id": "GHSA-rq6g-px6m-c248",
"modified": "2026-02-18T00:54:14Z",
"published": "2026-02-18T00:54:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-rq6g-px6m-c248"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/61d59a802869177d9cef52204767cd83357ab79e"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw Google Chat shared-path webhook target ambiguity allowed cross-account policy-context misrouting"
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.