(OpenClaw, Webhook Routing Ambiguity, CVE-2026-XXXXX) (Moderate)

Listen to this Post

The vulnerability, pending a CVE ID, resides in the Google Chat extension of OpenClaw (and its legacy package clawdbot) within the file `extensions/googlechat/src/monitor.ts` . The core issue is that the system allowed multiple webhook targets to be registered on the same HTTP endpoint path. When an incoming Google Chat webhook request was received, the application would iterate through these targets and select the first one for which the `verifyGoogleChatRequest(…)` function returned success . This “first-match” routing logic becomes problematic in shared-path deployments where verification can succeed for more than one target. This can happen, for example, if the audience validation for different targets is equivalent, causing the request to appear valid for multiple contexts. Consequently, an inbound webhook event meant for one specific account or configuration (with its own allowlist, session data, and policies) could be incorrectly processed under the context of a different target that happened to be first in the list . This cross-account misrouting could lead to actions being performed with incorrect permissions or on behalf of the wrong user. The issue is fixed by commit `61d59a8` and will be included in `openclaw` version 2026.2.14 . The `clawdbot` package is deprecated and will not receive a fix, requiring users to migrate to `openclaw` . A temporary workaround is to ensure every webhook target uses a completely unique path to eliminate routing ambiguity .
Platform: npm
Version: openclaw<=2026.2.13 / clawdbot<=2026.1.24-3
Vulnerability : Cross-account misrouting
Severity: Moderate
date: 2026-02-18

Prediction: 2026-02-18

What Undercode Say:

Analytics:

  • Affected Component: `extensions/googlechat/src/monitor.ts`
    – Fix Commit Hash: `61d59a802869177d9cef52204767cd83357ab79e`
    – Patched Version: `openclaw` >= 2026.2.14
  • Legacy Package: `clawdbot` (no fix, migration required)

Bash Commands:

Check installed version of openclaw
npm list openclaw
Check installed version of the legacy clawdbot
npm list clawdbot
Upgrade openclaw to the patched version
npm install [email protected]
If you have clawdbot, you must migrate and upgrade openclaw
npm uninstall clawdbot
npm install [email protected]

Exploit:

An attacker could potentially craft or influence a Google Chat webhook event that is valid for multiple misconfigured targets sharing a path. By doing so, the event could be processed by the wrong handler, allowing the attacker to perform actions or access data in the context of a different, potentially more privileged, target.

Protection from this CVE:

  1. Immediate Upgrade: Update `openclaw` to version `2026.2.14` or later immediately .
  2. Migration: If you are using the legacy `clawdbot` package, you must migrate your project to `openclaw` and then apply the upgrade .
  3. Workaround: If you cannot upgrade immediately, ensure that every Google Chat webhook target is configured with a completely unique HTTP path to prevent any ambiguity in routing .

Impact:

Successful exploitation could lead to cross-account policy and context misrouting. This means a webhook event could be processed under the wrong account context, potentially applying incorrect allowlists, sessions, or security policies, which could result in unauthorized data access or unintended actions .

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top