Listen to this Post
The vulnerability CVE-2026-25474 resides in the Google Chat allowlisting functionality within the `extensions/googlechat/src/monitor.ts` component of OpenClaw and Clawdbot. The `allowFrom` check was designed to accept both immutable sender resource names (users/<id>) and raw email addresses ([email protected]) for usability. However, the system historically also treated entries formatted as `users/users/<id>) by an administrator. If a deployment assumed allowlists were strictly keyed by immutable principals, this assumption could be violated. An attacker with control over identity lifecycle management (e.g., Google Workspace admin) could potentially reassign a trusted email to a different account, gaining the privileges associated with that email in the allowlist. The fix deprecates treating `users/
dailycve form:
Platform: OpenClaw/Clawdbot
Version: <=2026.2.13/2026.1.24-3
Vulnerability: Weak Identity Binding
Severity: Low
date: 2026-02-14
Prediction: Patch expected 2026-02-14
(end of form)
What Undercode Say:
Analytics:
The vulnerability stems from ambiguous handling of principal identifiers. The function `allowFrom` in `monitor.ts` did not distinguish between a formatted immutable ID (users/12345) and a formatted email string (users/[email protected]). This flaw weakens defense-in-depth by allowing a mutable attribute (email) to be used where an immutable attribute (resource ID) was expected. Attackers require significant privileges (IdP admin) to exploit, but it lowers the barrier for lateral movement post-compromise.
Example of checking if a vulnerable version is installed npm list openclaw | grep "openclaw@2" npm list clawdbot | grep "clawdbot@2026" Command to update to a patched version npm install [email protected] --save npm install [email protected] --save
How Exploit:
Attacker gains control over identity provider. Reassigns victim’s email to attacker-controlled account. Attacker sends message to Google Chat bot. Bot allowlist checks email, grants access. Attacker interacts with bot using stolen identity.
Protection from this CVE
Update to patched versions. Review allowlists for `users/
Impact:
Bypass of allowlist restrictions. Unauthorized access to bot functionality. Increased risk in chained compromise scenarios.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

