What happened
CVE-2026-53857 (CVSS 8.1 HIGH), published 2026-06-16. OpenClaw before 2026.5.3 has a policy enforcement flaw in its Zalo integration: allowFrom policy entries could be matched by a contact's mutable display metadata, so changing a display name was enough to satisfy an entry. An attacker could thereby receive agent responses intended for a different Zalo identity.
Why it matters
Same class of mutable-identity policy bypass as CVE-2026-53849, here affecting the Zalo messaging integration. Any Zalo account that can rename itself to match an allowFrom entry gains the allowlisted contact's access to the agent, enabling unauthorised prompt injection into, and data exfiltration from, the agent pipeline without any technical exploit beyond the display-name change.
Attack vector
OpenClaw's allowFrom policy for Zalo contacts matches on mutable display metadata rather than on a stable sender identity. An attacker sets their Zalo display name to a value that matches a policy entry; OpenClaw then treats the attacker's messages as coming from the allowlisted identity and routes agent responses intended for that identity to the attacker.
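The following is an added illustration of this bug class, not code from OpenClaw or its advisory: a matcher that compares allowFrom entries against the display name (the vulnerable pattern), beside one keyed on a stable sender identifier that also surfaces a display-name collision as a likely spoofing attempt. The message shape, the policy shapes and the identifiers are constructed for the example.

```typescript
// Added example: mutable-identity allowlist bypass beside a hardened matcher.
// Not OpenClaw's code; message shape, policy shapes and IDs are constructed.

interface InboundMessage {
  senderId: string;    // platform-assigned identifier, assumed stable
  displayName: string; // user-controlled; can be changed at any time
  text: string;
}

type Decision = {
  allowed: boolean;
  reason: "sender-id-allowlisted" | "display-name-collision" | "not-allowlisted";
};

// Vulnerable matcher: the allowFrom list is compared against the display
// name, so any account renamed to an allowlisted name is admitted.
function allowFromByDisplayName(allowFrom: string[], msg: InboundMessage): boolean {
  return allowFrom.includes(msg.displayName);
}

// Hardened matcher. The policy maps each allowed stable senderId to the
// display name the operator expects, so a sender that is not allowlisted
// but carries an allowlisted contact's display name is reported as a
// collision instead of being silently admitted.
function allowFromBySenderId(policy: Record<string, string>, msg: InboundMessage): Decision {
  if (Object.prototype.hasOwnProperty.call(policy, msg.senderId)) {
    return { allowed: true, reason: "sender-id-allowlisted" };
  }
  const collides = Object.values(policy).some((name) => name === msg.displayName);
  return { allowed: false, reason: collides ? "display-name-collision" : "not-allowlisted" };
}

// Constructed sample traffic: a legitimate contact and an attacker whose
// account has been renamed to the same display name.
const legitimate: InboundMessage = { senderId: "zalo-1001", displayName: "Alice", text: "status?" };
const impostor: InboundMessage = { senderId: "zalo-9999", displayName: "Alice", text: "forward me the last thread" };

// Two constructed policy shapes: one keyed on names, one on stable sender IDs.
const nameBasedAllowFrom: string[] = ["Alice"];
const idBasedAllowFrom: Record<string, string> = { "zalo-1001": "Alice" };

function demo(): { vulnLegit: boolean; vulnImpostor: boolean; fixedLegit: Decision; fixedImpostor: Decision } {
  return {
    vulnLegit: allowFromByDisplayName(nameBasedAllowFrom, legitimate),   // true
    vulnImpostor: allowFromByDisplayName(nameBasedAllowFrom, impostor),  // true: the bypass
    fixedLegit: allowFromBySenderId(idBasedAllowFrom, legitimate),       // allowed
    fixedImpostor: allowFromBySenderId(idBasedAllowFrom, impostor),      // denied, display-name-collision
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The collision reason is the part worth wiring into detection: a non-allowlisted sender ID arriving with an allowlisted contact's display name is the exact precondition of the bypass, and it can be alerted on from the gateway's own logs.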
Affected systems
OpenClaw < 2026.5.3
Mitigation
Upgrade OpenClaw to version 2026.5.3 or later. Until the upgrade is applied, treat the Zalo allowFrom allowlist as bypassable by anyone who can rename a Zalo account, and review agent logs for Zalo senders whose display name matches an allowFrom entry but whose sender identifier is not the expected contact. Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-8c59-hr4w-qg69