VYPR
Medium severity · 6.5 · NVD Advisory · Published Jun 12, 2026

CVE-2026-53824

Description

OpenClaw before 2026.4.24 has a token revocation vulnerability where revoked Mattermost slash tokens are still accepted during monitor refresh windows, allowing brief unauthorized command execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

OpenClaw versions prior to 2026.4.24 contain a token revocation vulnerability in the Mattermost slash token handling. When a slash token is revoked, the monitor that validates tokens does not refresh immediately, creating a window where the revoked token is still accepted. This allows callers with revoked tokens to continue executing commands until the next monitor refresh cycle. The vulnerability is described in the advisory [1] and tracked as CWE-613 (Insufficient Session Expiration) [2].

Exploitation

An attacker who possesses a previously valid Mattermost slash token that has been revoked can exploit the stale token acceptance during the monitor refresh window. The attacker does not need additional authentication beyond the token itself. By sending requests with the revoked token before the monitor refreshes, the attacker can invoke slash command behavior. The advisory notes that this requires the affected feature to be enabled and reachable [1].

Impact

Successful exploitation allows an attacker to execute unauthorized slash commands briefly after token revocation. The practical impact depends on the operator's configuration and the commands available. This could lead to unauthorized actions such as data exposure, configuration changes, or other operations permitted by the slash commands. The vulnerability has a CVSS v3 score of 6.5 (Medium) and a CVSS v4 vector indicating high integrity impact [2].

Mitigation

The fixed version is 2026.4.24 [1]. As a workaround, operators can restart or refresh the Mattermost monitor after token rotation until the patch is applied. General hardening measures include keeping channel and tool allowlists narrow, avoiding sharing one Gateway between mutually untrusted users, and disabling the affected feature when not needed [1][2]. No KEV listing is currently available.

AI Insight generated on Jun 12, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (2)

  • OpenClaw / openclaw (inferred), 2 versions
    • (no CPE) range: < 2026.4.24
    • (no CPE) range: < 2026.4.24

Patches (1)

cbcfdf62c729

chore(release): prepare 2026.4.24

https://github.com/OpenClaw/OpenClaw · Peter Steinberger · Apr 25, 2026 · Fixed in 2026.4.24 via release-tag
2 files changed · +2 −2
  • package.json (+1 −1, modified)
    @@ -1,6 +1,6 @@
     {
       "name": "openclaw",
    -  "version": "2026.4.24-beta.6",
    +  "version": "2026.4.24",
       "description": "Multi-channel AI gateway with extensible messaging integrations",
       "keywords": [],
       "homepage": "https://github.com/openclaw/openclaw#readme",
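Review bot: the patch reference for this CVE should also point at the commit carrying the token-revocation fix, because the only change in this hunk is `"version": "2026.4.24-beta.6"` to `"version": "2026.4.24"` in package.json; nothing here touches slash-token validation or the monitor refresh, so a reader cannot verify the fix from this commit alone.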
    
  • src/config/schema.base.generated.ts (+1 −1, modified)
    @@ -27959,6 +27959,6 @@ export const GENERATED_BASE_CONFIG_SCHEMA: BaseConfigSchemaResponse = {
           tags: ["advanced", "url-secret"],
         },
       },
    -  version: "2026.4.24-beta.6",
    +  version: "2026.4.24",
       generatedAt: "2026-03-22T21:17:33.302Z",
     };
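Review bot: `generatedAt: "2026-03-22T21:17:33.302Z"` is left unchanged while `version` in the generated schema is edited by hand, so the committed file no longer matches what the generator would emit; regenerate `src/config/schema.base.generated.ts` as part of the release step instead of editing the version line directly, so the schema's version and timestamp stay consistent.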
    

Vulnerability mechanics

Root cause

"The gateway accepts slash tokens during monitor refresh windows even after those tokens have been revoked."

Attack vector

An attacker who possesses a previously valid slash token that has since been revoked can still use it to invoke slash command behavior during monitor refresh windows [patch_id=5752434]. The vulnerability arises from stale token acceptance: the gateway briefly honors revoked tokens until the next refresh cycle. Depending on the operator's configuration, this could allow unauthorized slash commands to be executed. The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) indicates a network-reachable attack of low complexity that requires low privileges (the attacker already held the token) and impacts integrity, not confidentiality or availability.

Affected code

The patch only bumps version numbers in `package.json` and `src/config/schema.base.generated.ts` — it does not contain any logic or code changes. The advisory describes a token revocation vulnerability in OpenClaw before 2026.4.24, where callers with revoked slash tokens can continue executing commands during monitor refresh windows, but the patch diff does not show the actual security fix.

What the fix does

The supplied patch only changes version strings from `2026.4.24-beta.6` to `2026.4.24` in `package.json` and `src/config/schema.base.generated.ts`. It does not modify any runtime logic for token verification, monitor refresh windows, or slash-command authorization. The actual security fix (e.g., ensuring revoked tokens are checked before accepting them during refresh) is not visible in this diff; this commit appears to be the release-tagging step of the version where the vulnerability was closed.

Preconditions

  • auth: The attacker must hold a slash token that the operator has revoked, and must use it before the next monitor refresh completes.
  • network: The attacker must have network access to the OpenClaw gateway to send requests with the stale token.
  • config: The operator must have configured slash commands that the attacker can invoke with the revoked token.

Generated on Jun 12, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References (2)