Matrix profile config persistence was reachable from operator.write message tools.
Package: openclaw (npm)
Affected versions: < 2026.4.10
Patched versions: >= 2026.4.10

Gateway operator.write message-tool paths could reach Matrix profile persistence that should have required admin-level authority.
The fix gates Matrix profile updates for non-owner message-tool runs and prevents write-scoped callers from mutating persistent profile config.
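To make the gating described above concrete, here is an added example (not openclaw's own code; every identifier, scope name and the in-memory store are hypothetical stand-ins) that puts a write-scope-only check beside one that additionally requires owner or admin authority before a profile change is persisted:

```typescript
// Added example (not openclaw's code): an authority gate for persistent Matrix
// profile updates. All names below are hypothetical.

type Scope = "operator.read" | "operator.write" | "operator.admin";

interface Caller {
  id: string;
  scopes: readonly Scope[];
  owner: boolean; // true when the message-tool run acts for the gateway owner
}

interface MatrixProfile {
  displayName?: string;
  avatarUrl?: string;
}

interface GateDecision {
  allowed: boolean;
  reason: string;
}

// Vulnerable shape: only the write scope is checked, so any write-scoped
// message-tool run reaches the persistence path.
function gateVulnerable(caller: Caller): GateDecision {
  if (!caller.scopes.includes("operator.write")) {
    return { allowed: false, reason: "operator.write required" };
  }
  return { allowed: true, reason: "write scope present" };
}

// Hardened shape: a persistent write additionally requires owner authority or
// the admin scope. A per-run (non-persistent) change still only needs write scope.
function gateHardened(caller: Caller, persist: boolean): GateDecision {
  if (!caller.scopes.includes("operator.write")) {
    return { allowed: false, reason: "operator.write required" };
  }
  if (persist && !(caller.owner || caller.scopes.includes("operator.admin"))) {
    return {
      allowed: false,
      reason: "persistent profile config requires owner or operator.admin",
    };
  }
  return {
    allowed: true,
    reason: persist ? "persistent write authorised" : "per-run override authorised",
  };
}

// Applies a patch through a gate. The store is only rewritten when the gate
// allows the call and the caller asked for persistence; otherwise it is
// returned untouched so the two gates can be compared on the same input.
function applyProfileUpdate(
  store: MatrixProfile,
  caller: Caller,
  patch: MatrixProfile,
  persist: boolean,
  gate: (c: Caller, p: boolean) => GateDecision,
): { store: MatrixProfile; decision: GateDecision } {
  const decision = gate(caller, persist);
  if (!decision.allowed || !persist) {
    return { store, decision };
  }
  return { store: { ...store, ...patch }, decision };
}

// Constructed callers for the demonstration.
const writeOnlyTool: Caller = { id: "tool-run-1", scopes: ["operator.write"], owner: false };
const ownerRun: Caller = { id: "owner-run", scopes: ["operator.write"], owner: true };

function demo(): Record<string, GateDecision> {
  const base: MatrixProfile = { displayName: "gateway-bot" };
  const patch: MatrixProfile = { displayName: "renamed-by-tool" };
  return {
    vulnerableWriteOnly: applyProfileUpdate(base, writeOnlyTool, patch, true, gateVulnerable).decision,
    hardenedWriteOnly: applyProfileUpdate(base, writeOnlyTool, patch, true, gateHardened).decision,
    hardenedOwner: applyProfileUpdate(base, ownerRun, patch, true, gateHardened).decision,
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The design point is that the write scope still governs the transient, per-run path; only the transition from a run-scoped override to persistent config is lifted to owner or admin authority, which is the boundary the advisory says was missing.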
The issue was fixed in #62662. Patch commit: fe0f686c9228fffcec6de4011da45e69a6e23e54. The first stable tag containing the fix is v2026.4.10, and the latest npm release, openclaw@2026.4.14, also includes it.

Users should upgrade to openclaw 2026.4.10 or newer.
Thanks to @zpbrent and @zsxsoft, with sponsorship from @KeenSecurityLab and @qclawer, for reporting this issue.
Severity: 7.1 (High), CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Exploitability: AV:N (network), AC:L (low), AT:N (none), PR:L (low privileges), UI:N (none)
Vulnerable System impact: VC:N, VI:H, VA:N
Subsequent System impact: SC:N, SI:N, SA:N