Improper access control in OpenClaw - #VU129450
Published: May 4, 2026
OpenClaw
Detailed vulnerability description
The vulnerability allows a remote user to inject instructions into another session as if they were direct user instructions.
The vulnerability exists due to improper access control in sessions_send message handling when persisting routed inter-session prompts without provenance metadata. A remote user can send a crafted inter-session message to inject instructions into another session as if they were direct user instructions.
This issue affects workflows that trust role: "user" as the sole authority signal.