{"id":"CVE-2026-28471","details":"OpenClaw version 2026.1.14-1 prior to 2026.2.2, with the Matrix plugin installed and enabled, contains a vulnerability in which DM allowlist matching could be bypassed by exact-matching against sender display names and localparts without homeserver validation. Remote Matrix users can impersonate allowed identities by using attacker-controlled display names or matching localparts from different homeservers to reach the routing and agent pipeline.","aliases":["GHSA-rmxw-jxxx-4cpc"],"modified":"2026-03-14T15:05:55.460466Z","published":"2026-03-05T22:16:20.817Z","references":[{"type":"ADVISORY","url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-rmxw-jxxx-4cpc"},{"type":"ADVISORY","url":"https://www.vulncheck.com/advisories/openclaw-allowlist-bypass-via-displayname-and-cross-homeserver-localpart-matching-in-matrix"},{"type":"FIX","url":"https://github.com/openclaw/openclaw/commit/8f3bfbd1c4fb967a2ddb5b4b9a05784920814bcf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openclaw/openclaw","events":[{"introduced":"8daab932a2a8691073ac282ee594498b5e6cc3c0"},{"fixed":"95cd2210f93d6ab2acc5e29dbad6065294365863"},{"fixed":"8f3bfbd1c4fb967a2ddb5b4b9a05784920814bcf"}],"database_specific":{"versions":[{"introduced":"2026.1.14-1"},{"fixed":"2026.2.2"}]}}],"versions":["v2026.1.14-1","v2026.1.15","v2026.1.16-2","v2026.1.20","v2026.1.21","v2026.1.22","v2026.1.23","v2026.1.24","v2026.1.24-1","v2026.1.29","v2026.1.30","v2026.2.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-28471.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}