OpenClaw Sender Policy Allowlist Bypass Vulnerability in Google Chat and Zalouser Extensions
Vulnerability
A sender policy bypass vulnerability has been identified in OpenClaw versions prior to 2026.3.28, specifically within the Google Chat and Zalouser extensions. The vulnerability arises because route-level group allowlist policies are silently downgraded to an open policy: the sender restrictions configured for a route are never enforced, so senders who are not on the allowlist can bypass them and interact with the bot, contrary to the intended allowlist controls.
Impact
Exploitation of this vulnerability allows any member of an allowlisted Google Chat space or Zalouser group to interact with the bot, bypassing sender-level restrictions that were supposed to be in place.
Reproduction
The vulnerability can be reproduced by configuring a route-level group allowlist in either Google Chat or Zalouser and then sending a message from a group member who is not on that allowlist. The bot responds as if the sender were not restricted, despite the allowlist configuration.
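The following is an added illustration of the bug class described in the Vulnerability and Reproduction sections above; it is constructed for this page and is not OpenClaw's code. The configuration layout, the RoutePolicy type, the two resolvers and the merge-order defect are hypothetical models of "a route-level allowlist silently downgraded to open", placed beside a fail-closed resolver and a small audit check a defender can run over a config before patching.

```python
# Constructed illustration (not OpenClaw's code) of a sender-policy
# "silent downgrade to open" defect and its fail-closed replacement.
from dataclasses import dataclass

# Constructed sample config: top-level defaults plus per-route (per group /
# space) overrides. Route and sender ids are made up for this example.
CONSTRUCTED_CONFIG = {
    "defaults": {"policy": "open"},
    "routes": {
        # This route is meant to admit two senders only.
        "space-123": {"policy": "allowlist", "allowed_senders": ["alice", "bob"]},
        # Misconfigured route: allowlist mode with nobody on the list.
        "space-456": {"policy": "allowlist"},
    },
}


@dataclass(frozen=True)
class RoutePolicy:
    mode: str                                # "open", "allowlist" or "deny"
    allowed_senders: frozenset = frozenset()


@dataclass(frozen=True)
class InboundMessage:
    group_id: str
    sender_id: str
    text: str


def resolve_policy_vulnerable(config: dict, group_id: str) -> RoutePolicy:
    """Hypothetical defective resolver: the defaults are merged on top of the
    route-level settings, so the route's "allowlist" is overwritten by the
    default "open" and the restriction is lost without any error."""
    defaults = config.get("defaults", {})
    route = config.get("routes", {}).get(group_id, {})
    effective = {**route, **defaults}        # bug: wrong merge order
    mode = effective.get("policy", "open")
    if mode == "allowlist":
        return RoutePolicy("allowlist", frozenset(effective.get("allowed_senders", [])))
    return RoutePolicy("open")


def resolve_policy_fixed(config: dict, group_id: str) -> RoutePolicy:
    """Fail-closed resolver: route settings override defaults, an allowlist
    with no senders denies everyone, and an unknown mode denies rather than
    guessing "open"."""
    defaults = config.get("defaults", {})
    route = config.get("routes", {}).get(group_id, {})
    effective = {**defaults, **route}        # route-level settings win
    mode = effective.get("policy", "open")
    if mode == "open":
        return RoutePolicy("open")
    if mode == "allowlist":
        senders = frozenset(effective.get("allowed_senders", []))
        return RoutePolicy("allowlist", senders) if senders else RoutePolicy("deny")
    return RoutePolicy("deny")


def is_sender_allowed(policy: RoutePolicy, msg: InboundMessage) -> bool:
    """Evaluate one inbound message against an effective route policy."""
    if policy.mode == "open":
        return True
    if policy.mode == "allowlist":
        return msg.sender_id in policy.allowed_senders
    return False                             # "deny" or anything unrecognised


def bot_accepts(resolver, config: dict, msg: InboundMessage) -> bool:
    """Would the bot respond to this message under the given resolver?"""
    return is_sender_allowed(resolver(config, msg.group_id), msg)


def audit_downgrades(config: dict) -> list:
    """Defender's check: list routes whose configured allowlist would be
    resolved to "open" by the defective resolver, i.e. routes exposed by the
    downgrade. Useful for judging exposure before the fix is deployed."""
    exposed = []
    for gid, route in config.get("routes", {}).items():
        if route.get("policy") == "allowlist" and \
                resolve_policy_vulnerable(config, gid).mode == "open":
            exposed.append(gid)
    return exposed


if __name__ == "__main__":
    outsider = InboundMessage("space-123", "carol", "hello bot")
    print("vulnerable resolver accepts outsider:",
          bot_accepts(resolve_policy_vulnerable, CONSTRUCTED_CONFIG, outsider))
    print("fixed resolver accepts outsider:",
          bot_accepts(resolve_policy_fixed, CONSTRUCTED_CONFIG, outsider))
    print("routes exposed by the downgrade:", audit_downgrades(CONSTRUCTED_CONFIG))
```

The audit is the part worth keeping after the example: running the same resolution logic the bot uses against the deployed configuration, and comparing the effective policy with the configured one, catches this class of regression in a unit test rather than in production. The fixed resolver also treats an empty allowlist and an unknown mode as "deny", so a future config-schema mismatch degrades to a refused message instead of an open bot.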
Remediation
Update to OpenClaw version 2026.3.28 or later, which contains the fix for this vulnerability.
