CVE-2026-32924

OpenClaw · OpenClaw

An authorization bypass in OpenClaw's Feishu integration misclassifies group chat reaction events as private conversations, allowing attackers to circumvent group security protections.

Executive summary

OpenClaw versions prior to 2026.3.12 contain a critical authorization bypass vulnerability: affected versions misclassify the chat type of certain events, which lets attackers circumvent group-specific security controls.

Vulnerability

The vulnerability occurs when Feishu reaction events omit the chat_type field, leading OpenClaw to misclassify them as peer-to-peer (p2p) conversations. Attackers can exploit this logic error to bypass groupAllowFrom and requireMention protections that are only enforced for group chats.

Business impact

By bypassing group-specific authorization, an attacker can interact with the agent in ways that should be restricted, potentially leading to unauthorized information disclosure or command execution within a group context. The CVSS score of 9.8 reflects the high severity of bypassing these fundamental security boundaries.

Remediation

Immediate Action: Update OpenClaw to version 2026.3.12 or later to ensure that reaction events are correctly classified and security policies are strictly enforced.

Proactive Monitoring: Review Feishu integration logs for reaction events missing chat_type and audit agent interactions that may have bypassed group restrictions.

Compensating Controls: Implement secondary validation layers for sensitive agent commands that require explicit user confirmation regardless of the chat type.
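The classification flaw described under Vulnerability, and the log review suggested under Proactive Monitoring, as an added example (not OpenClaw's own code): a fail-open classifier that maps a missing chat_type to p2p next to a fail-closed one that routes it through the group rules, plus an audit helper that flags reaction events lacking chat_type. The field names chat_type, groupAllowFrom and requireMention come from the advisory; the event and policy shapes, event_type values and sender ids are assumed.

```javascript
// Added example, not OpenClaw's own code. Field names chat_type, groupAllowFrom
// and requireMention come from the advisory; event/policy shapes are assumed.

// Vulnerable pattern: anything that is not explicitly "group" falls through to
// "p2p", so a reaction event with no chat_type skips every group-only check.
function classifyChatFailOpen(event) {
  return event.chat_type === "group" ? "group" : "p2p";
}

// Hardened pattern: only an explicit chat_type is trusted; a missing or
// unexpected value becomes "unknown" and is handled under the group rules.
function classifyChatFailClosed(event) {
  if (event.chat_type === "group") return "group";
  if (event.chat_type === "p2p") return "p2p";
  return "unknown";
}

// Group-only policy: groupAllowFrom lists sender ids allowed to drive the agent
// in groups (empty = no sender restriction); requireMention demands an @-mention.
function isAuthorized(event, policy, classify) {
  if (classify(event) === "p2p") return true;       // p2p has no group controls
  if (policy.groupAllowFrom.length > 0 &&
      !policy.groupAllowFrom.includes(event.sender_id)) return false;
  if (policy.requireMention && !event.mentions_bot) return false;
  return true;
}

// Audit helper for the monitoring step: flag reaction events that omit
// chat_type, i.e. the ones a fail-open classifier would have treated as p2p.
function findSuspectReactions(events) {
  return events.filter(e => e.event_type === "reaction" && e.chat_type === undefined);
}

// Constructed sample data (not real Feishu payloads).
const policy = { groupAllowFrom: ["ou_admin"], requireMention: true };
const reactionNoChatType = { event_type: "reaction", sender_id: "ou_guest", mentions_bot: false };
const groupMessage = { event_type: "message", chat_type: "group", sender_id: "ou_guest", mentions_bot: false };
const dm = { event_type: "message", chat_type: "p2p", sender_id: "ou_guest", mentions_bot: false };

console.log(isAuthorized(reactionNoChatType, policy, classifyChatFailOpen));   // true  (bypass)
console.log(isAuthorized(reactionNoChatType, policy, classifyChatFailClosed)); // false (blocked)
console.log(findSuspectReactions([reactionNoChatType, groupMessage, dm]).length); // 1
```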

Exploitation status

Public Exploit Available: false

Analyst recommendation

Authorization bypasses involving message classification can lead to subtle but dangerous security failures. Organizations using OpenClaw with Feishu must apply the 2026.3.12 update immediately to ensure all security protections are active across all chat types.