PT-2026-23525 · Openclaw · Openclaw

Credited: Megamansec +1

Published 2026-02-17 · Updated 2026-03-11 · CVE-2026-28446

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.2

Description: An authentication bypass exists in the optional voice-call extension when inbound allowlist policy validation is used. The system accepts empty caller IDs and uses suffix-based matching instead of strict equality. This allows remote attackers to bypass inbound access controls by placing calls with missing caller IDs or numbers ending with allowlisted digits, potentially reaching the voice-call agent and executing tools. The issue affects deployments that have the voice-call extension installed and enabled.

The vulnerability lies in the inbound allowlist check in the extensions/voice-call/src/manager.ts file, which used suffix-based matching and accepted empty caller IDs after normalization. Specifically, missing or empty from values normalized to an empty string, causing the allowlist predicate to evaluate as allowed. Additionally, suffix-based matching meant any caller number whose digits ended with an allowlisted number would be accepted. The vulnerable component is the voice-call extension.

Recommendations: OpenClaw versions prior to 2026.2.2 should be updated to version 2026.2.2 or later.
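To make the two failure modes concrete, here is an added illustration (not OpenClaw's code and not taken from manager.ts): an assumed reconstruction of a suffix-matching allowlist predicate that accepts an empty caller ID, beside a strict-equality check that fails closed. The allowlist entry and caller numbers are constructed sample values.

```typescript
// Keep only digits; a missing or empty "from" normalizes to "".
function normalizeNumber(from: string | undefined): string {
  return (from ?? "").replace(/\D/g, "");
}

// Assumed vulnerable shape (reconstructed for illustration, not the
// project's actual predicate): suffix matching in either direction.
// Two consequences:
//  - "" is a suffix of every string, so an empty caller ID matches
//    any allowlist entry and is accepted;
//  - a longer number whose digits end with an allowlisted number is
//    also accepted.
function isAllowedVulnerable(from: string | undefined, allowlist: string[]): boolean {
  const caller = normalizeNumber(from);
  return allowlist.some((entry) => {
    const allowed = normalizeNumber(entry);
    return caller.endsWith(allowed) || allowed.endsWith(caller);
  });
}

// Hardened check: reject a missing/empty caller ID outright and require
// the normalized numbers to be exactly equal.
function isAllowedStrict(from: string | undefined, allowlist: string[]): boolean {
  const caller = normalizeNumber(from);
  if (caller === "") return false; // fail closed on missing caller ID
  return allowlist.some((entry) => normalizeNumber(entry) === caller);
}

// Constructed sample allowlist and inbound caller IDs.
const ALLOWLIST = ["+1 555 0100"];
const MISSING_CALLER = undefined;
const SUFFIX_CALLER = "+44 1 555 0100"; // digits end with 15550100
const EXACT_CALLER = "+1 (555) 0100";

// Summarize both checks for a given caller so the difference is visible.
function evaluate(from: string | undefined): { vulnerable: boolean; strict: boolean } {
  return {
    vulnerable: isAllowedVulnerable(from, ALLOWLIST),
    strict: isAllowedStrict(from, ALLOWLIST),
  };
}
```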

Tags: Fix · RCE

Weakness Enumeration: Improper Authentication

Related Identifiers: CVE-2026-28446, GHSA-4RJ2-GPMH-QQ5X

Affected Products: Openclaw