PatchSiren cyber security CVE debrief
CVE-2026-53823 OpenClaw CVE debrief
CVE-2026-53823 is a HIGH severity vulnerability in OpenClaw before 2026.5.3. The allowFrom feature binds to mutable Slack display names, allowing attackers with Slack account access to change display name metadata to match policy entries, potentially gaining unauthorized agent access intended for other identities. The vulnerability has a CVSS score of 8.6.
- Vendor: OpenClaw
- Product: Unknown
- CVSS: HIGH 8.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Users of OpenClaw before version 2026.5.3 who use the allowFrom feature with Slack display names should be aware of this vulnerability. An attacker with Slack account access could exploit it to gain unauthorized agent access.
Technical summary
The vulnerability exists in the allowFrom feature of OpenClaw, which binds to mutable Slack display names. This allows an attacker with Slack account access to change their display name metadata to match policy entries, potentially gaining unauthorized agent access intended for other identities.
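As an added illustration (not OpenClaw's code, which this page does not show), the check below matches an allowFrom-style entry on the mutable Slack display name beside the same check keyed on the immutable Slack user ID, and adds a small audit that flags policy entries written as display names. The entry format, the event shape and all IDs are constructed assumptions.

```python
import re

# Constructed allowlist entries as an operator might write them (hypothetical format).
POLICY_BY_DISPLAY_NAME = {"Alice Ops"}    # weak: a display name is user-editable profile metadata
POLICY_BY_USER_ID = {"U0AAAA1111"}        # hardened: a Slack user ID does not change

# Slack user IDs look like "U..." (or "W..." for enterprise grid); constructed check.
SLACK_USER_ID = re.compile(r"^[UW][A-Z0-9]{8,}$")


def allowed_by_display_name(event: dict) -> bool:
    """Policy keyed on the display name carried in the event.
    Any workspace member who renames their own profile can satisfy this."""
    return event["user_profile"]["display_name"] in POLICY_BY_DISPLAY_NAME


def allowed_by_user_id(event: dict) -> bool:
    """Policy keyed on the immutable user ID in the event's 'user' field."""
    return event["user"] in POLICY_BY_USER_ID


def audit_policy_entries(entries) -> list:
    """Detection aid: return allowFrom entries that are not user IDs, i.e. entries
    that would be matched on mutable metadata and should be rewritten as IDs."""
    return sorted(e for e in entries if not SLACK_USER_ID.match(e))


# Constructed Slack-style message events: the legitimate operator, and a second
# workspace member whose profile display name was changed to match the policy entry.
LEGIT = {"user": "U0AAAA1111", "user_profile": {"display_name": "Alice Ops"}, "text": "/status"}
RENAMED = {"user": "U0BBBB2222", "user_profile": {"display_name": "Alice Ops"}, "text": "/status"}


def evaluate(event: dict) -> dict:
    """Compare both policy decisions for one event."""
    return {
        "by_display_name": allowed_by_display_name(event),
        "by_user_id": allowed_by_user_id(event),
    }


if __name__ == "__main__":
    for label, ev in (("legit", LEGIT), ("renamed", RENAMED)):
        print(label, evaluate(ev))
    print("entries to rewrite as user IDs:", audit_policy_entries(POLICY_BY_DISPLAY_NAME | POLICY_BY_USER_ID))
```

The renamed account passes the display-name policy and fails the user-ID policy, which is the difference the fixed version relies on; the audit lists the entries an operator should migrate.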
Defensive priority
HIGH
Recommended defensive actions
- Update OpenClaw to version 2026.5.3 or later.
- Review and restrict Slack display name changes to prevent exploitation.
- Monitor for suspicious activity related to Slack display name changes and agent access.
Evidence notes
The CVE-2026-53823 vulnerability was published on June 12, 2026, and has a CVSS score of 8.6. The vulnerability affects OpenClaw before version 2026.5.3.
Official resources
CVE-2026-53823 was published on 2026-06-12T22:16:53.463Z.