OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from a permission bypass execution vulnerability, which allowed persistent execution of “always-always”...

CVE-2026-33578

OpenClaw before 2026.3.28 contains a sender policy bypass vulnerability in the Google Chat and Zalouser extensions where route-level group allowlists downgrade to an open policy, allowing bypass of sender restrictions and interaction with bots. Affected components include extensions/googlechat/sr...