CVE-2026-32975: OpenClaw
Attackers bypass OpenClaw allowlist auth via CVE-2026-32975 to impersonate trusted groups, delivering phishing or exfiltrating data. Upgrade to 2026.3.12 immediately.
Patch now - CVE-2026-32975 is a critical authorization bypass in OpenClaw versions prior to 2026.3.12 that lets attackers impersonate allowlisted groups by duplicating their display name, enabling data exfiltration, phishing, and system disruption. Upgrade to version 2026.3.12 to fix the flawed group ID check.
Overview
A critical authorization bypass vulnerability has been discovered in OpenClaw, a popular collaboration and messaging platform. Tracked as CVE-2026-32975, this flaw affects all versions prior to 2026.3.12. The vulnerability resides in the platform’s “Zalouser allowlist mode,” a security feature designed to restrict which user groups can send messages to specific channels or agents.
In simple terms, the system was checking the wrong identifier. Instead of using a unique, stable group ID to verify if a group was authorized, it was incorrectly checking the group’s display name, which any user can change or duplicate. This design flaw allows for a straightforward bypass.
Vulnerability Details
In OpenClaw’s allowlist mode, administrators configure a list of approved groups that are permitted to route messages to certain destinations, such as support agents or announcement channels. The vulnerability exists because this check compares the mutable, user-defined display name of a group, rather than its underlying, immutable group identifier.
An attacker can exploit this by creating a new group and setting its display name to exactly match the name of an already allowlisted group. When this malicious group sends a message, the flawed authorization logic incorrectly approves it, believing it to be the legitimate, authorized group. This allows the attacker to route messages from an unintended, potentially malicious source directly to the protected agent or channel.
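To make the flaw concrete, here is an added TypeScript example (written for this page, not OpenClaw's own code) that models the two versions of the allowlist check the advisory describes: the flawed comparison on the mutable display name, and the corrected comparison on the stable group identifier. The group and message shapes, the function names and the sample groups are assumptions.

```typescript
// Added example, not OpenClaw's code. Models the authorization check
// described for CVE-2026-32975 in both its flawed and corrected forms.
// All type names, function names and sample values are assumptions.

interface ChatGroup {
  id: string;          // stable identifier assigned by the platform
  displayName: string; // mutable, user-chosen, not guaranteed unique
}

interface ChatMessage {
  sender: ChatGroup;
  text: string;
}

// Flawed check (pre-2026.3.12 behaviour as described in the advisory):
// any group that copies an allowlisted display name is accepted.
function isAllowedByName(allowlistNames: string[], msg: ChatMessage): boolean {
  return allowlistNames.includes(msg.sender.displayName);
}

// Corrected check: only the immutable group id is consulted, so a
// look-alike display name has no effect on the decision.
function isAllowedById(allowlistIds: Set<string>, msg: ChatMessage): boolean {
  return allowlistIds.has(msg.sender.id);
}

// Constructed sample data: a legitimate allowlisted group and a second
// group created later with the same display name but a different id.
const legitimateSupport: ChatGroup = { id: "grp_0001", displayName: "IT Support" };
const lookalikeSupport: ChatGroup = { id: "grp_9999", displayName: "IT Support" };

const ALLOWLIST_NAMES = ["IT Support"];
const ALLOWLIST_IDS = new Set(["grp_0001"]);

// Runs both checks over the same two messages and returns the decisions,
// so the difference between the two comparisons is visible side by side.
function demo(): { byName: boolean[]; byId: boolean[] } {
  const msgs: ChatMessage[] = [
    { sender: legitimateSupport, text: "Scheduled maintenance tonight" },
    { sender: lookalikeSupport, text: "Urgent: action required" },
  ];
  return {
    byName: msgs.map((m) => isAllowedByName(ALLOWLIST_NAMES, m)),
    byId: msgs.map((m) => isAllowedById(ALLOWLIST_IDS, m)),
  };
}

// Stand-alone run: byName accepts both messages, byId accepts only the first.
console.log(demo());
```

The name-based check returns `true` for both senders, which is exactly the bypass; the id-based check rejects the look-alike because its identifier was never allowlisted. Note that the corrected logic does not need to validate display names at all, which is the point of keying authorization on an identifier the platform controls.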
Impact and Risks
With a maximum CVSS score of 9.8 (Critical), the impact of this vulnerability is severe. Successful exploitation leads to a complete bypass of channel authorization controls.
The primary risks include:
- Data Exfiltration: Attackers could route sensitive information from unauthorized groups out of the organization.
- Social Engineering & Phishing: Malicious actors could impersonate legitimate departments (like “IT Support” or “HR”) to send fraudulent instructions or phishing links directly to employees via trusted channels.
- System Misinformation: False alerts or commands could be injected into operational channels, causing disruption.
- Loss of System Integrity: The fundamental security boundary of group-based allowlisting is broken.
This type of access control failure is a common vector in larger security incidents. For analysis of real-world breaches stemming from similar flaws, you can review past incidents at breach reports.
Remediation and Mitigation
The only complete solution is to apply the official patch.
Immediate Action Required:
- Upgrade: All users must upgrade OpenClaw to version 2026.3.12 or later immediately. This update replaces the display name check with a proper check of the stable group identifier.
- Verify Configuration: After patching, administrators should audit their Zalouser allowlist configurations to ensure they are functioning as intended with the corrected logic.
Temporary Mitigation (If Patching is Delayed):
- Consider disabling the Zalouser allowlist mode for critical channels until the upgrade can be performed, and rely on alternative permission structures if available. Be aware this may broaden access.
- Monitor group creation logs and audit logs for channels using allowlist mode for any suspicious activity, such as new groups with names identical to high-privilege groups.
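As an added example of the monitoring step above (this is illustrative code written for this page, not an OpenClaw feature), the following TypeScript scans group-creation audit log lines and flags any new group whose display name collides with an allowlisted group's name while carrying a different group id. The log line format, the field names, the allowlist and the sample lines are all constructed assumptions; adapt the parser to the audit format your deployment actually emits.

```typescript
// Added example, not OpenClaw's code. Detects newly created groups whose
// display name matches an allowlisted group's name but whose id differs.
// Log format, field names, allowlist and sample lines are assumptions.

interface GroupCreatedEvent {
  ts: string;
  actor: string;
  groupId: string;
  displayName: string;
}

interface AllowlistedGroup {
  id: string;
  displayName: string;
}

interface Collision {
  event: GroupCreatedEvent;
  collidesWith: AllowlistedGroup;
}

// Parses one line of the assumed format:
//   <iso-ts> group.created actor=<user> id=<groupId> name="<display name>"
// Returns null for lines that are not group-creation events.
function parseGroupCreated(line: string): GroupCreatedEvent | null {
  const m = /^(\S+) group\.created actor=(\S+) id=(\S+) name="([^"]*)"$/.exec(line);
  if (!m) return null;
  return { ts: m[1], actor: m[2], groupId: m[3], displayName: m[4] };
}

// Normalises a display name so trivial variations (case, surrounding and
// repeated whitespace) still collide with the allowlisted name.
function normaliseName(name: string): string {
  return name.trim().replace(/\s+/g, " ").toLowerCase();
}

// Returns every group-creation event whose normalised name matches an
// allowlisted group's name but whose id is not that group's id.
function findNameCollisions(lines: string[], allowlisted: AllowlistedGroup[]): Collision[] {
  const byName = new Map<string, AllowlistedGroup>();
  for (const g of allowlisted) byName.set(normaliseName(g.displayName), g);

  const out: Collision[] = [];
  for (const line of lines) {
    const ev = parseGroupCreated(line);
    if (!ev) continue;
    const hit = byName.get(normaliseName(ev.displayName));
    if (hit && hit.id !== ev.groupId) out.push({ event: ev, collidesWith: hit });
  }
  return out;
}

// Constructed sample allowlist and audit log lines.
const ALLOWLISTED: AllowlistedGroup[] = [
  { id: "grp_0001", displayName: "IT Support" },
  { id: "grp_0002", displayName: "HR" },
];

const SAMPLE_LOG: string[] = [
  '2026-03-10T08:00:01Z group.created actor=alice id=grp_0410 name="Project Falcon"',
  '2026-03-10T08:05:44Z login.success actor=bob',
  '2026-03-10T09:12:09Z group.created actor=mallory id=grp_0411 name="IT Support"',
  '2026-03-10T09:13:30Z group.created actor=mallory id=grp_0412 name="  hr "',
  '2026-03-10T10:00:00Z group.created actor=carol id=grp_0413 name="IT Support Archive"',
];

// Runs the scan over the sample log; two of the five lines should be flagged.
function demoCollisions(): Collision[] {
  return findNameCollisions(SAMPLE_LOG, ALLOWLISTED);
}

for (const c of demoCollisions()) {
  console.log(`${c.event.ts} ${c.event.actor} created ${c.event.groupId} ` +
    `named "${c.event.displayName}", colliding with allowlisted ${c.collidesWith.id}`);
}
```

Exact-match alerts alone would miss the `"  hr "` case, which is why the comparison is done on a normalised name; conversely, `"IT Support Archive"` is not flagged because it is a different name, not a duplicate. Alerts from this kind of scan are a stopgap: they tell you a look-alike group exists, but only the patched id-based check stops it from being authorized.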
Stay informed on the latest vulnerability disclosures and patches by following security news. Do not delay in applying this critical update to prevent potential exploitation of your messaging infrastructure.
Related Advisories
OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox browser CDP relay that exposes Chrome DevTools Protocol on 0.0.0.0. Attackers can access the DevTools protoc...
OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrai...
OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are misclassified as p2p conversations instead of group chats. Attackers ca...
OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX ...
Other OpenClaw Vulnerabilities
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute...
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or c...