CVE-2026-28474 — AI Deep Analysis Summary

🚨 **Essence**: OpenClaw < 2026.2.6 has a critical **Allowlist Bypass** flaw. 📉 **Consequences**: Attackers can spoof user identities to gain **unauthorized access** to restricted AI conversations.…

🛡️ **CWE-863**: Incorrect Authorization. 🐛 **Flaw**: The system uses **equality matching** on the mutable `actor.name` field.…

🏢 **Vendor**: OpenClaw. 📦 **Product**: nextcloud-talk integration. 📅 **Affected**: Versions **prior to 2026.2.6**. ✅ **Fixed**: 2026.2.6 and later.

🕵️ **Hackers Can**: Spoof `actor.name` to match allowed User IDs. 🔓 **Privileges**: Bypass access controls to enter **restricted dialogues**.…

📉 **Threshold: LOW**. 🔑 **Auth**: No authentication required (PR:N). 🖱️ **UI**: No user interaction needed (UI:N). 🌐 **Network**: Remote exploit (AV:N). ⚡ **Complexity**: Low (AC:L). Easy to exploit!

🚫 **Public Exploit**: No PoC provided in data. 📜 **References**: GitHub Advisory & VulnCheck details exist. 🌍 **Wild Exploit**: Unconfirmed, but low barrier suggests high risk of rapid exploitation.

🔍 **Check**: Scan for OpenClaw/Nextcloud Talk versions < 2026.2.6. 📋 **Audit**: Review `actor.name` validation logic in code. 🛠️ **Tools**: Use VulnCheck or GitHub Security Advisories for detection.

✅ **Fixed**: Yes. 📥 **Patch**: Upgrade to **OpenClaw 2026.2.6+**. 🔗 **Commit**: See GHSA-r5h9-vjqc-hq3r for official fix details. 🔄 **Action**: Immediate update required.

🚧 **Workaround**: If unpatched, **disable** Nextcloud Talk integration temporarily. 🛑 **Restrict**: Block external access to the AI service. 👮 **Monitor**: Log all `actor.name` changes for anomalies.

🔥 **Urgency: CRITICAL**. 🚨 **Priority**: Patch Immediately. ⏳ **Risk**: CVSS 9.8 + Low Exploit Difficulty = High likelihood of active abuse. 📢 **Action**: Treat as top-tier emergency.