PatchSiren cyber security CVE debrief

CVE-2026-34507 OpenClaw CVE debrief

A policy bypass vulnerability in OpenClaw's QQBot admin commands allows authenticated senders to circumvent the DM-only and allowFrom policy checks. The flaw permits admin commands to be routed from unauthorized senders or contexts, so restricted behavior that policy should have blocked can be executed. The vulnerability affects OpenClaw versions prior to 2026.4.29. The CVSS 4.0 vector indicates a network attack vector, low attack complexity, a privileged-access requirement and partial user interaction, resulting in low confidentiality and integrity impacts. The weakness is categorized as CWE-863 (Incorrect Authorization). The CVE was published to NVD on 2026-05-29 and remains under analysis. No known exploitation in the wild or use in ransomware campaigns has been reported.

Vendor: OpenClaw
Product: Unknown
CVSS: LOW 2.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-29
Original CVE updated: 2026-05-29
Advisory published: 2026-05-29
Advisory updated: 2026-05-29

Who should care

Organizations operating OpenClaw-based QQBot deployments with admin command functionality enabled; security teams managing bot authorization policies; developers implementing similar DM-only or allowFrom restrictions in bot frameworks.

Technical summary

The vulnerability exists in OpenClaw's QQBot implementation, where admin commands fail to properly enforce the DM-only and allowFrom policy restrictions. Authenticated senders can exploit this by routing commands through contexts that policy should block, effectively bypassing the intended authorization controls. The flaw stems from incorrect authorization logic (CWE-863) that allows the policy check to be skipped. An attacker with authenticated access can use this to execute restricted admin behaviors from unauthorized senders or non-DM contexts. The fix in version 2026.4.29 presumably adds proper validation of the sender's context against the policy requirements before the command is executed.

Defensive priority

LOW

Recommended defensive actions

  • Upgrade OpenClaw to version 2026.4.29 or later to remediate the policy bypass vulnerability
  • Review QQBot admin command routing logic to ensure DM-only and allowFrom policy checks are enforced consistently
  • Audit admin command execution logs for unauthorized sender contexts if running affected versions
  • Validate that the authenticated sender's identity is verified before any decision to exempt that sender from policy checks
  • Monitor for security advisories from OpenClaw project for additional hardening recommendations
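The routing-logic review above comes down to one property: every inbound path that can reach an admin handler must pass through the same DM-only and allowFrom check. The following is an added illustration of that pattern, not OpenClaw's code; the command names, the `Message`/`AdminPolicy` types and the `route` field are hypothetical, and the policy gate also writes the audit line that the log-review action relies on.

```python
from __future__ import annotations
from dataclasses import dataclass

ADMIN_COMMANDS = {"reload", "shutdown", "setpolicy"}  # hypothetical admin command names


@dataclass(frozen=True)
class Message:
    sender_id: str
    text: str
    is_dm: bool   # True when the message arrived over a direct-message channel
    route: str    # hypothetical: which inbound path produced it (dm, group, mention)


@dataclass(frozen=True)
class AdminPolicy:
    dm_only: bool
    allow_from: frozenset[str]


def admin_allowed(policy: AdminPolicy, msg: Message) -> tuple[bool, str]:
    """Single authorization gate for admin commands; returns (allowed, reason).

    The CWE-863 pattern in the advisory is a route that reaches the admin
    handler without passing through a check like this one.
    """
    if msg.sender_id not in policy.allow_from:
        return False, f"sender {msg.sender_id} not in allowFrom"
    if policy.dm_only and not msg.is_dm:
        return False, f"admin command over non-DM route '{msg.route}'"
    return True, "ok"


def dispatch(policy: AdminPolicy, msg: Message, audit: list[str]) -> str:
    """Route one message. The policy check sits at the dispatch point, so
    no inbound route can skip it; every admin attempt is logged either way."""
    text = msg.text.strip()
    cmd = text.lstrip("/").split(maxsplit=1)[0].lower() if text else ""
    if cmd not in ADMIN_COMMANDS:
        return "handled as normal message"
    allowed, reason = admin_allowed(policy, msg)
    audit.append(f"admin cmd={cmd} sender={msg.sender_id} route={msg.route} "
                 f"allowed={allowed} reason={reason}")
    if not allowed:
        return "denied"
    return f"executed admin command {cmd}"
```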

Evidence notes

Vulnerability disclosed via GitHub Security Advisory GHSA-w4v6-g3wm-w36c and a Vulncheck advisory. Vendor identification is marked low confidence and requires review; product attribution is based on reference-domain candidate analysis.

Official resources

2026-05-29