CVE-2026-35647: OpenClaw: Matrix Verification Notices Bypass Matrix DM Policy and Reply to Unpaired DM Peers

March 27, 2026 (updated April 10, 2026)

Matrix Verification Notices Bypass Matrix DM Policy and Reply to Unpaired DM Peers

References

github.com/advisories/GHSA-9wqx-g2cw-vc7r
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/2383daf5c4a4e08d9553e0e949552ad755ef9ec2
github.com/openclaw/openclaw/security/advisories/GHSA-9wqx-g2cw-vc7r
nvd.nist.gov/vuln/detail/CVE-2026-35647

Code Behaviors & Features

Detect and mitigate CVE-2026-35647 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →