CVE-2026-28474
Published: 05 March 2026
Summary
CVE-2026-28474 is a critical-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw's Nextcloud Talk plugin (vendor and product both listed as Openclaw). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 21.1 percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-16 (Security and Privacy Attributes) and AC-3 (Access Enforcement).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): Requires enforcement of approved authorizations using immutable identifiers rather than mutable display names, directly preventing allowlist bypass in Nextcloud Talk.
- AC-16 (Security and Privacy Attributes): Mandates validation and proper binding of security attributes such as user IDs, so that mutable actor.name fields cannot be spoofed in authorization decisions.
- Flaw remediation: Directly addresses timely flaw remediation by requiring upgrades to patched versions, such as Nextcloud Talk plugin 2026.2.6, that fix the authorization logic.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a remote, unauthenticated authorization bypass in the public-facing Nextcloud Talk plugin via display-name spoofing of allowlisted user IDs (CWE-863). That maps directly to T1190 (Exploit Public-Facing Application) for initial access and to T1656 (Impersonation) for reaching restricted DMs and rooms.
NVD Description
OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for allowlist validation, allowing attackers to bypass DM and room allowlists. An attacker can change their Nextcloud display name to match an allowlisted user ID and gain unauthorized access to restricted conversations.
Deeper analysis
CVE-2026-28474 is a critical vulnerability in OpenClaw's Nextcloud Talk plugin, affecting versions prior to 2026.2.6. The flaw stems from the plugin's allowlist validation mechanism, which performs equality matching on the mutable actor.name display name field (CWE-863: Incorrect Authorization). This allows attackers to spoof an allowlisted user ID by simply altering their Nextcloud display name, thereby bypassing direct message (DM) and room allowlists. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its remote, unauthenticated nature.
Any unauthenticated attacker with the ability to modify their own Nextcloud display name can exploit this issue. By setting their display name to match an allowlisted user ID, the attacker gains unauthorized access to restricted conversations, including private DMs and rooms intended only for specific participants. This results in high confidentiality, integrity, and availability impacts, as attackers can read sensitive messages, participate in conversations, or disrupt room functionality without detection.
Mitigation is addressed in OpenClaw's security advisory (GHSA-r5h9-vjqc-hq3r) and a specific commit (6b4b6049b47c3329a7014509594647826669892d), with the fix released in version 2026.2.6. Security practitioners should upgrade to Nextcloud Talk plugin version 2026.2.6 or later and review allowlist configurations to ensure reliance on immutable identifiers rather than display names. Additional details are available in the VulnCheck advisory on actor.name display name spoofing.
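The flaw and its fix, as an added illustration that is not OpenClaw's code: the field names `type`, `id` and `name` on the actor object, the allowlist contents and the sample actors are all assumptions constructed for this example. It contrasts the vulnerable display-name match with a check bound to the immutable user id, and adds a simple detection helper for the spoofing pattern the advisory describes.

```typescript
// Added example (not from the OpenClaw project). Shape of the actor object is assumed.
interface TalkActor {
  type: string; // "users" for real accounts, "guests" for anonymous participants (assumed values)
  id: string;   // Nextcloud user id; stable for the account
  name: string; // display name; any user can edit their own at will
}

// Constructed sample allowlist: it holds user ids, as the advisory describes.
const ALLOWLIST: Set<string> = new Set(["alice"]);

// Vulnerable pattern: equality on the mutable display name (CWE-863).
// Anyone who renames themselves "alice" passes, and the real alice may not.
function isAllowedVulnerable(actor: TalkActor, allow: Set<string> = ALLOWLIST): boolean {
  return allow.has(actor.name);
}

// Hardened check: bind the decision to the immutable id and require a real account,
// since guests carry no stable identity that an allowlist could reference.
function isAllowedHardened(actor: TalkActor, allow: Set<string> = ALLOWLIST): boolean {
  if (actor.type !== "users") {
    return false;
  }
  return allow.has(actor.id);
}

// Detection aid for log review: a display name that collides with an allowlisted id
// while the actor's own id is not on the list is the signature of this spoof.
function looksLikeSpoof(actor: TalkActor, allow: Set<string> = ALLOWLIST): boolean {
  return allow.has(actor.name) && !allow.has(actor.id);
}

// Constructed sample actors.
const legit: TalkActor = { type: "users", id: "alice", name: "Alice Example" };
const spoofer: TalkActor = { type: "users", id: "mallory", name: "alice" };
const guest: TalkActor = { type: "guests", id: "guest-0001", name: "alice" };
```

Running the three actors through both checks shows the vulnerable version admitting the spoofer and the guest while rejecting the genuine allowlisted account.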
Details
- CWE(s)