Platform
other
Component
openclaw
Fixed in
2026.2.2
CVE-2026-28471 is a vulnerability in OpenClaw installations that have the Matrix plugin enabled. It allows a remote Matrix user, on any homeserver, to bypass the DM allowlist and be treated as an allowlisted identity. OpenClaw versions from 2026.1.14-1 up to the fix in 2026.2.2 are affected; version 2026.2.2 contains the fix.
The flaw is in how the Matrix plugin matches a DM sender against the allowlist. A Matrix user is identified by a full user ID of the form @localpart:homeserver; only that full ID is asserted by the sending homeserver. The display name is chosen freely by the user, and the localpart is unique only within one homeserver. Instead of comparing the sender's full user ID (including the homeserver) against the allowlist, the plugin also accepted a match on the sender's display name or localpart. An attacker can therefore register an account on any homeserver whose localpart equals an allowlisted user's localpart, or set a display name that exactly matches an allowlist entry, and have their DMs accepted as if they came from the allowlisted identity. Because the plugin then treats the attacker as that user, the attacker can read replies meant for that user, trigger actions on their behalf, or disrupt communication flows within the OpenClaw environment. The blast radius depends on the sensitivity of the data handled over DM and on the permissions granted to the impersonated user.
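The matching logic described above, as an added example that is not OpenClaw's own code. It shows a matcher with the weak behaviour the advisory describes (display name or localpart is enough), the strict check that closes the hole (only the full, homeserver-qualified user ID counts), and a helper that lists senders the weak matcher would have accepted but the strict one rejects, which is the same check to run over sender records when monitoring or when confirming the fix after upgrading. The allowlist, the accounts and the sender records are constructed for this illustration; OpenClaw's real configuration format and internal data structures are not known here.

```python
"""Matrix DM allowlist matching: weak (display name / localpart) vs strict (full user ID).

Added example, not OpenClaw's code. All names, accounts and the allowlist
below are constructed for illustration.
"""
from dataclasses import dataclass


def split_mxid(mxid: str) -> tuple[str, str]:
    """Split a Matrix user ID '@localpart:homeserver' into its two parts.

    The first ':' ends the localpart; the homeserver part may itself contain
    a port (e.g. 'example.org:8448'), so we partition only once.
    """
    if not mxid.startswith("@") or ":" not in mxid:
        raise ValueError(f"not a Matrix user ID: {mxid!r}")
    localpart, _, homeserver = mxid[1:].partition(":")
    return localpart, homeserver


@dataclass(frozen=True)
class Sender:
    mxid: str          # event 'sender' field; asserted by the sending homeserver
    display_name: str  # from the sender's m.room.member state; freely chosen by the user


def _bare(entry: str) -> str:
    """Reduce an allowlist entry to a bare name ('@alice:hs' -> 'alice', 'alice' -> 'alice')."""
    return split_mxid(entry)[0] if entry.startswith("@") else entry


def vulnerable_allowed(sender: Sender, allowlist: set[str]) -> bool:
    """Weak matcher with the behaviour the advisory describes.

    A sender passes if its full ID equals an entry, OR its display name or
    localpart equals an entry or an entry's bare name. Display name and
    localpart are attacker-controlled from any homeserver, so this is spoofable.
    """
    localpart, _ = split_mxid(sender.mxid)
    for entry in allowlist:
        if sender.mxid == entry or sender.display_name == entry:
            return True
        bare = _bare(entry)
        if localpart == bare or sender.display_name == bare:
            return True
    return False


def invalid_entries(allowlist: set[str]) -> list[str]:
    """Allowlist entries that are not full user IDs; these cannot be matched safely."""
    return sorted(e for e in allowlist if not (e.startswith("@") and ":" in e))


def strict_allowed(sender: Sender, allowlist: set[str]) -> bool:
    """Hardened check: only an exact match on the full user ID counts.

    Bare entries (no homeserver) are ignored here; report them with
    invalid_entries() so the configuration can be tightened.
    """
    full_ids = {e for e in allowlist if e.startswith("@") and ":" in e}
    return sender.mxid in full_ids


def spoof_attempts(senders: list[Sender], allowlist: set[str]) -> list[Sender]:
    """Senders the weak matcher accepts but the strict one rejects.

    Running this over observed senders flags localpart/display-name collisions
    from other homeservers; after upgrading, such senders must be rejected.
    """
    return [s for s in senders
            if vulnerable_allowed(s, allowlist) and not strict_allowed(s, allowlist)]


# Constructed sample data: one allowlisted identity plus a sloppy bare entry.
ALLOWLIST = {"@alice:trusted.example", "bob"}

SENDERS = [
    Sender("@alice:trusted.example", "Alice"),            # legitimate allowlisted user
    Sender("@alice:attacker.example", "Mallory"),         # same localpart, other homeserver
    Sender("@mallory:attacker.example", "alice"),         # display name equals bare entry
    Sender("@eve:attacker.example", "@alice:trusted.example"),  # display name set to a full ID
    Sender("@bob:attacker.example", "Bob"),               # matches the bare entry 'bob'
    Sender("@carol:trusted.example", "Carol"),            # unrelated user, rejected by both
]

if __name__ == "__main__":
    print("entries to tighten:", invalid_entries(ALLOWLIST))
    for s in SENDERS:
        print(f"{s.mxid:28} weak={vulnerable_allowed(s, ALLOWLIST)!s:5} "
              f"strict={strict_allowed(s, ALLOWLIST)}")
    print("spoof attempts:", [s.mxid for s in spoof_attempts(SENDERS, ALLOWLIST)])
```

The strict check deliberately never matches a bare allowlist entry such as "bob": without a homeserver there is no safe way to decide which of the many possible @bob:... accounts was meant, so such entries should be rewritten as full user IDs rather than matched loosely.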
CVE-2026-28471 was publicly disclosed on March 5, 2026. There is currently no indication of active exploitation, no KEV listing, and no public proof-of-concept (PoC) code. The EPSS score is low (0.04%, 12th percentile), consistent with the absence of public exploitation and PoCs.
Exploit Status
EPSS
0.04% (12th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-28471 is to upgrade OpenClaw to version 2026.2.2 or later, which contains the fix. If an immediate upgrade is not feasible because of compatibility issues or downtime constraints, use temporary workarounds, keeping in mind that they reduce exposure but do not remove the flawed matching. A WAF rule is not applicable here, since the flaw is in the plugin's allowlist comparison rather than in any request it receives. Review and tighten the DM allowlist so that every entry is a full Matrix user ID of the form @localpart:homeserver, and remove bare names or entries that could be matched by display name or localpart alone. Monitor Matrix logs for suspicious activity, in particular DMs from unexpected homeservers and senders whose display name or localpart matches an allowlisted identity while their full user ID does not. After upgrading, confirm the fix from a test account on a different homeserver: set its display name (or use a localpart) equal to an allowlisted identity and send a DM; the plugin should reject it, while a DM from the genuine allowlisted account should still be accepted.
Update OpenClaw to version 2026.2.2 or higher. This version fixes the allowlist bypass vulnerability in the Matrix plugin, which allowed identity impersonation via display names or matching localparts.
CVE-2026-28471 is a vulnerability in OpenClaw's Matrix plugin that allows remote attackers to bypass DM allowlists and impersonate allowlisted users, because the plugin matched display names or localparts instead of validating the sender's full user ID, including its homeserver.
You are affected if you are running an OpenClaw version from 2026.1.14-1 up to the fix in 2026.2.2 with the Matrix plugin enabled and have not upgraded.
Upgrade OpenClaw to version 2026.2.2 or later to resolve the vulnerability. Consider tightening DM allowlist rules as a temporary workaround.
There is currently no evidence of active exploitation of CVE-2026-28471.
Refer to the official OpenClaw security advisories on their website or relevant security mailing lists for the latest information.