Platform: nodejs
Component: openclaw
Fixed in: 2026.3.28
CVE-2026-33578 describes an authorization bypass vulnerability in OpenClaw. This flaw allows unauthorized users within allowlisted Google Chat spaces or Zalouser groups to interact with the bot, circumventing intended sender-level restrictions. The vulnerability affects versions of OpenClaw up to 2026.3.24 and has been resolved in version 2026.3.28, which is also the latest stable release.
The primary impact of CVE-2026-33578 is the circumvention of intended access controls within OpenClaw's Google Chat and Zalouser integrations. An attacker who is already a member of an allowlisted space or group can bypass sender-level restrictions and interact with the bot as if they were authorized. This could lead to unauthorized data access, command execution (depending on the bot's functionality), or other actions that the operator intended to restrict. The blast radius is limited to users within the affected Google Chat spaces and Zalouser groups, but the potential for misuse is significant given the bypass of intended security measures.
CVE-2026-33578 was publicly disclosed on 2026-04-01. There is no indication of active exploitation or KEV listing at the time of writing. Public proof-of-concept code is not currently available, but the vulnerability's nature suggests it could be relatively easy to exploit once a PoC is developed. The EPSS score is likely to be medium, given the potential impact and the lack of public exploits.
Exploit Status
EPSS: 0.01% (1st percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2026-33578 is to upgrade OpenClaw to version 2026.3.28 or later. This version contains the fix that correctly enforces sender-level restrictions. If upgrading is not immediately feasible, consider temporarily reviewing and tightening access controls within Google Chat spaces and Zalouser groups. While not a complete solution, this can reduce the potential attack surface. There are no specific WAF or proxy rules that can directly mitigate this vulnerability, as it resides within the application logic. Monitor bot activity for unusual or unauthorized interactions following the upgrade.
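The fix comes down to enforcing both layers of the policy rather than letting a group allowlist match stand in for sender authorization. The following JavaScript is an added illustration, not OpenClaw's code: it sketches a hypothetical route-authorization check in the flawed form (a route-level group allowlist match is treated as sufficient and the sender allowlist is never consulted) beside a hardened form that requires both checks to pass and emits a structured audit line per decision, which supports the post-upgrade monitoring recommended above. The route shape, the field names `spaceId` and `senderId`, and the sample identifiers are all assumptions constructed for this example.

```javascript
"use strict";

// Constructed route configuration (hypothetical shape, not OpenClaw's): the
// bot listens in one allowlisted space, and only one sender in that space is
// allowed to drive it.
const route = {
  allowedSpaces: new Set(["spaces/AAAA-constructed"]),
  allowedSenders: new Set(["users/alice-constructed"]),
};

// Flawed pattern: a group allowlist match is treated as full authorization,
// so the sender allowlist is never evaluated for members of that space.
function isAuthorizedVulnerable(route, msg) {
  if (!route.allowedSpaces.has(msg.spaceId)) return false;
  // BUG: any member of an allowlisted space is accepted here.
  return true;
}

// Hardened pattern: the space allowlist decides where the bot listens, and the
// sender allowlist (when one is configured) decides who may interact. Both
// must pass; everything else is denied with a reason suitable for logging.
function authorize(route, msg) {
  if (!route.allowedSpaces.has(msg.spaceId)) {
    return { allowed: false, reason: "space-not-allowlisted" };
  }
  if (route.allowedSenders.size > 0 && !route.allowedSenders.has(msg.senderId)) {
    return { allowed: false, reason: "sender-not-allowlisted" };
  }
  return { allowed: true, reason: "ok" };
}

// One structured audit line per decision, so denied attempts from inside an
// allowlisted space stand out when reviewing bot activity.
function auditLine(msg, decision) {
  return JSON.stringify({
    event: "bot.authz",
    space: msg.spaceId,
    sender: msg.senderId,
    allowed: decision.allowed,
    reason: decision.reason,
  });
}

// Constructed sample messages: the allowed sender, another member of the same
// allowlisted space, and the allowed sender writing from a non-allowlisted space.
const SAMPLES = {
  allowedSender: { spaceId: "spaces/AAAA-constructed", senderId: "users/alice-constructed" },
  otherMember:   { spaceId: "spaces/AAAA-constructed", senderId: "users/bob-constructed" },
  outsideSpace:  { spaceId: "spaces/ZZZZ-constructed", senderId: "users/alice-constructed" },
};

// Runs both checks over the samples and returns the decisions side by side.
function compare() {
  const out = {};
  for (const [name, msg] of Object.entries(SAMPLES)) {
    out[name] = {
      vulnerable: isAuthorizedVulnerable(route, msg),
      hardened: authorize(route, msg),
    };
  }
  return out;
}

// Stand-alone run: print one audit line per sample using the hardened check.
for (const [name, msg] of Object.entries(SAMPLES)) {
  console.log(name, auditLine(msg, authorize(route, msg)));
}
```

In `compare()`, the `otherMember` sample is the case the advisory describes: the flawed check accepts it on the strength of the space allowlist alone, while the hardened check denies it with `sender-not-allowlisted`. The `route.allowedSenders.size > 0` guard is a design choice for this example (a route with no sender allowlist falls back to group membership); an operator who wants sender restrictions to be mandatory would drop it.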
Update OpenClaw to version 2026.3.28 or later. This update corrects the sender policy bypass vulnerability in the Google Chat and Zalouser extensions.
CVE-2026-33578 is a critical vulnerability in OpenClaw where attackers can bypass sender-level restrictions in Google Chat and Zalouser integrations, allowing unauthorized interaction with the bot.
You are affected if you are using OpenClaw versions 2026.3.24 or earlier, especially if you rely on route-level group allowlists for access control.
Upgrade OpenClaw to version 2026.3.28 or later to resolve the vulnerability. This is the recommended and primary mitigation.
There is currently no evidence of active exploitation, but the vulnerability's nature suggests it could be exploited once a proof-of-concept is developed.
Refer to the OpenClaw project's official website or GitHub repository for the latest security advisories and release notes.