VYPR
High severity · CVSS 7.1 · NVD Advisory · Published Jun 16, 2026 · Updated Jun 16, 2026

CVE-2026-53863

Description

OpenClaw before 2026.4.25 has an input validation vulnerability in tool group policy callers that accept unvalidated group IDs, potentially allowing access control bypass.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

OpenClaw before version 2026.4.25 contains an input validation vulnerability in tool group policy callers that accept unvalidated group IDs. Affected callers can pass a group ID to the policy resolver without proper validation, leading to incorrect group-policy decisions for tool invocations. The flaw is present in all versions prior to the fix. [1][2]

Exploitation

An attacker who can supply a group ID to the vulnerable policy resolver (e.g., via network access or a plugin interface) can exploit this vulnerability. No special authentication is required beyond the ability to reach the affected code path. The attacker simply provides a crafted group ID, which the resolver accepts without validation, causing the wrong group policy to be applied. [1]

Impact

Successful exploitation can result in bypassing intended access controls for tool invocations, potentially leading to unauthorized access, data disclosure, or other security breaches depending on the environment and configuration. The practical impact varies based on how the affected feature is enabled and whether lower-trust input can reach that path. [1][2]

Mitigation

The first patched version is 2026.4.25. Users should upgrade to this version or later. As a workaround, avoid exposing group-policy controlled tools to untrusted senders until patched. Additional hardening includes narrowing channel and tool allowlists, avoiding shared gateways between untrusted users, and disabling the affected feature if not required. [1]

AI Insight generated on Jun 16, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2 affected version ranges (vendor/product inferred: OpenClaw / Openclaw)
  • OpenClaw, range: <2026.4.25 (no CPE)
  • Openclaw, range: <2026.4.25 (no CPE)

Patches (0)

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE. The mechanics section is only generated when the actual fix diff can be read; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References (2)

The two reference URLs cited as [1] and [2] above are not listed on this page.

News mentions (0)

No linked articles in our index yet.