CVE-2026-35635

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access control policies and replace route ownership across accounts.

More information : https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87