CVE-2026-31991
OpenClaw has Signal group allowlist authorization bypass via DM pairing-store leakage
Description
### Summary In OpenClaw `2026.2.25`, Signal group authorization under `groupPolicy=allowlist` could accept sender identities sourced from DM pairing-store approvals. This allowed DM pairing approvals to leak into group allowlist evaluation. ### Impact This is an authorization-boundary weakness between DM pairing and group allowlist controls. A sender approved for DM pairing could pass group checks without explicit group allowlisting. ### Affected Packages / Versions - Package: `openclaw` (npm) - Latest published version affected: `2026.2.25` - Vulnerable range: `<= 2026.2.25` - Patched version (planned next release): `>= 2026.2.26` ### Fix OpenClaw now keeps DM pairing-store entries DM-only and enforces explicit group allowlist boundaries in shared DM/group policy resolution used by Signal and other channels. ### Fix Commit(s) - `8bdda7a651c21e98faccdbbd73081e79cffe8be0` - `64de4b6d6ae81e269ceb4ca16f53cda99ced967a` ### Release Process Note `patched_versions` is pre-set to the planned next release (`2026.2.26`). After npm publish of that version, this advisory is ready to publish without further content edits. Thanks @tdjackey for reporting.
How to fix CVE-2026-31991
To remediate CVE-2026-31991, upgrade the affected package to a fixed version below.
- —upgrade to 2026.2.26 or later
Is CVE-2026-31991 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2026.2.26