<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Npm/Openclaw (&lt;= 2026.5.6) - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/npm/openclaw--2026.5.6/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Fri, 03 Jul 2026 12:13:27 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/npm/openclaw--2026.5.6/feed.xml" rel="self" type="application/rss+xml"/><item><title>OpenClaw Matrix allowFrom Vulnerability (CVE-2026-53811)</title><link>https://feed.craftedsignal.io/briefs/2026-07-openclaw-matrix-vulnerability/</link><pubDate>Fri, 03 Jul 2026 12:13:27 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-openclaw-matrix-vulnerability/</guid><description>A high-severity vulnerability (CVE-2026-53811) in OpenClaw's Matrix `allowFrom` feature allows threat actors to exploit mutable display names to match policy entries, potentially granting unauthorized agent access intended for another Matrix identity.</description><content:encoded><![CDATA[<p>A significant vulnerability, tracked as CVE-2026-53811, has been identified in OpenClaw's Matrix <code>allowFrom</code> feature, affecting versions up to <code>2026.5.6</code>. This flaw allows a Matrix account with the ability to change its display name to bypass security policies by having its mutable display metadata match an entry in an allowlist. This misconfiguration can lead to unauthorized agent access, where permissions intended for a legitimate Matrix identity are mistakenly granted to an attacker-controlled account. The issue arises when the affected feature is enabled and reachable, particularly when lower-trust input can influence the path that leads to policy matching. While this vulnerability does not alter OpenClaw's trusted-operator model, its practical impact is highly dependent on the operator's specific configuration and the sensitivity of the agent access granted.</p>
<h2 id="impact">Impact</h2>
<p>When this vulnerability is present and actively exploited, and the affected feature is enabled and reachable by untrusted input, it could allow an attacker to gain unauthorized agent access that was intended for a different, legitimate Matrix identity. The practical severity of this impact is directly tied to an organization's specific configuration of OpenClaw, the types of agents and permissions managed by the vulnerable <code>allowFrom</code> feature, and whether lower-trust users or external inputs can interact with this path. Successful exploitation could lead to data compromise, unauthorized operations, or broader system access, depending on the privileges associated with the hijacked agent identity.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li><strong>Patch CVE-2026-53811 immediately:</strong> Upgrade all instances of <code>npm/openclaw</code> to version <code>2026.5.7</code> or newer to remediate CVE-2026-53811.</li>
<li><strong>Implement policy hardening:</strong> Until patching is complete, configure allowlists using stable Matrix user IDs (e.g., <code>@user:matrix.org</code>) instead of mutable display names.</li>
<li><strong>Restrict access:</strong> Review and narrow channel and tool allowlists to the absolute minimum necessary.</li>
<li><strong>Isolate environments:</strong> Avoid sharing a single OpenClaw Gateway between mutually untrusted users or departments.</li>
<li><strong>Disable unnecessary features:</strong> Disable the <code>allowFrom</code> feature if it is not explicitly required for operational purposes, removing the attack surface for CVE-2026-53811.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">threat</category><category>vulnerability</category><category>matrix</category><category>openclaw</category><category>npm</category></item></channel></rss>