CVE-2026-22178 Overview
CVE-2026-22178 is a regex injection vulnerability affecting OpenClaw, a Node.js-based application. Versions prior to 2026.2.19 construct RegExp objects directly from unescaped Feishu mention metadata in the stripBotMention function, allowing regex injection and denial of service attacks. Attackers can craft nested-quantifier patterns or metacharacters in mention metadata to trigger catastrophic backtracking, block message processing, or remove unintended content before model processing.
Critical Impact
Attackers can exploit this vulnerability to cause denial of service through catastrophic regex backtracking or manipulate message content by injecting malicious regex patterns through Feishu mention metadata.
Affected Products
- OpenClaw versions prior to 2026.2.19
- OpenClaw for Node.js (all platforms)
Discovery Timeline
- 2026-03-18 - CVE-2026-22178 published to NVD
- 2026-03-19 - Last updated in NVD database
Technical Details for CVE-2026-22178
Vulnerability Analysis
This vulnerability falls under CWE-1333 (Inefficient Regular Expression Complexity), commonly known as ReDoS (Regular Expression Denial of Service). The core issue resides in how the stripBotMention function processes Feishu mention metadata without proper input sanitization.
When processing incoming messages, OpenClaw dynamically constructs regular expressions using user-controlled mention metadata (mention.name and mention.key). Because this input is not escaped for regex metacharacters, an attacker can inject special regex syntax that either causes exponential backtracking (leading to CPU exhaustion) or matches unintended portions of the message content.
The network-accessible nature of this vulnerability means remote attackers can exploit it without authentication by sending crafted Feishu messages containing malicious mention metadata.
Root Cause
The root cause is the direct interpolation of unsanitized user input into RegExp constructors. The vulnerable code passes mention.name and mention.key values directly into new RegExp() without escaping regex metacharacters such as *, +, ?, ^, $, {}, (), |, [], and \. This allows attackers to:
- Inject nested quantifiers (e.g., (a+)+) causing catastrophic backtracking
- Use metacharacters to match broader content than intended
- Potentially remove or manipulate message content before it reaches model processing
Attack Vector
The vulnerability is exploitable over the network without requiring authentication. An attacker can craft a Feishu message with malicious mention metadata containing regex metacharacters. When OpenClaw processes this message through the stripBotMention function, the injected patterns execute as part of the regex matching operation.
For example, a mention name containing .* would match any content, while nested quantifiers like (a+)+b against a string of many 'a' characters would cause exponential processing time.
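The two behaviours described above, shown side by side as an added example in plain JavaScript (this is not OpenClaw's code; the function bodies mirror the TypeScript in the advisory, and the message text and mention objects are constructed here):

```javascript
// Same escape table the fix uses: every character with meaning in a JS
// RegExp is prefixed with a backslash so it can only match itself.
function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Vulnerable form: mention.name / mention.key are interpolated unescaped,
// so the metadata is interpreted as regex syntax, not as literal text.
function stripBotMentionVulnerable(text, mentions) {
  if (!mentions || mentions.length === 0) return text;
  let result = text;
  for (const mention of mentions) {
    result = result.replace(new RegExp(`@${mention.name}\\s*`, "g"), "").trim();
    result = result.replace(new RegExp(mention.key, "g"), "").trim();
  }
  return result;
}

// Hardened form (what the 2026.2.19 patch does): escape first, then build.
function stripBotMentionFixed(text, mentions) {
  if (!mentions || mentions.length === 0) return text;
  let result = text;
  for (const mention of mentions) {
    result = result.replace(new RegExp(`@${escapeRegExp(mention.name)}\\s*`, "g"), "").trim();
    result = result.replace(new RegExp(escapeRegExp(mention.key), "g"), "").trim();
  }
  return result;
}

// Constructed sample message and mention metadata (not real Feishu data).
const sampleText = "@claw-bot summarize the quarterly report @_user_1";
const benignMentions = [{ name: "claw-bot", key: "@_user_1" }];
// A display name of ".*": the pattern "@.*\s*" swallows the whole message.
const hostileMentions = [{ name: ".*", key: "@_user_1" }];

// Both forms agree on benign metadata; only the fixed form survives ".*".
console.log(stripBotMentionVulnerable(sampleText, benignMentions));
console.log(stripBotMentionVulnerable(sampleText, hostileMentions)); // ""
console.log(stripBotMentionFixed(sampleText, hostileMentions));
```

With the hostile mention the vulnerable form returns an empty string, i.e. the entire user message is removed before it reaches the model, while the fixed form only strips the literal mention key.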
The following patch demonstrates the fix applied in the security commit:
return false;
}
+function escapeRegExp(s: string): string {
+ return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+
function stripBotMention(
text: string,
mentions?: FeishuMessageEvent["message"]["mentions"],
): string {
if (!mentions || mentions.length === 0) return text;
let result = text;
for (const mention of mentions) {
- result = result.replace(new RegExp(`@${mention.name}\\s*`, "g"), "").trim();
- result = result.replace(new RegExp(mention.key, "g"), "").trim();
+ result = result.replace(new RegExp(`@${escapeRegExp(mention.name)}\\s*`, "g"), "").trim();
+ result = result.replace(new RegExp(escapeRegExp(mention.key), "g"), "").trim();
}
return result;
}
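Review bot: the hunk escapes the metadata but adds no regression test and no guard for empty or missing fields. The character class on the `+function escapeRegExp` line is the usual full metacharacter set, so the two rewritten `new RegExp(...)` calls now match `mention.name` and `mention.key` verbatim, which is the intended fix; however, `escapeRegExp` calls `s.replace`, so a mention with an undefined `key` (previously built the harmless pattern `/undefined/`) now throws a TypeError inside the loop, and an empty `key` still yields `new RegExp("", "g")`. Suggest skipping mentions whose `name` or `key` is empty or not a string before the `replace` calls, and adding a test that a name such as `.*` no longer removes message content.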
Source: GitHub Commit Fix
Detection Methods for CVE-2026-22178
Indicators of Compromise
- Unexpected CPU spikes during Feishu message processing
- Application timeouts or hangs when handling specific messages
- Log entries showing abnormally long regex processing times
- Message content appearing truncated or modified unexpectedly
Detection Strategies
- Monitor Node.js process CPU utilization for sustained high usage patterns during message handling
- Implement regex execution timeout monitoring in application performance tools
- Review incoming Feishu message payloads for unusual characters in mention metadata fields
- Deploy application-level logging to capture regex pattern construction and execution times
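One way to act on the two strategies above at the application boundary, as an added example (not part of OpenClaw): screen each mention's name and key for regex metacharacters, and run the strip step under a stopwatch so an unusually slow match is recorded. The webhook payload shape and field names are constructed here, following the mention.name / mention.key fields the advisory describes.

```javascript
// Any of these in a display name or mention key is out of place; the set is
// the same one the escapeRegExp fix treats as special.
const REGEX_METACHARS = /[.*+?^${}()|[\]\\]/;

// Return one hit per mention field that carries a regex metacharacter.
function findSuspiciousMentions(mentions) {
  const hits = [];
  for (const [index, m] of (mentions || []).entries()) {
    for (const field of ["name", "key"]) {
      const value = m[field] == null ? "" : String(m[field]);
      const match = value.match(REGEX_METACHARS);
      if (match) hits.push({ index, field, char: match[0] });
    }
  }
  return hits;
}

// Decide whether a payload should be dropped before mention stripping runs.
function screenPayload(payload) {
  const hits = findSuspiciousMentions(payload.message.mentions);
  return { reject: hits.length > 0, hits };
}

// Run a processing step under a stopwatch and return a log record with the
// elapsed time; `slow` flags runs over the budget so they can be alerted on.
function timed(label, fn, budgetMs) {
  const start = process.hrtime.bigint();
  const result = fn();
  const elapsedMs = Number(process.hrtime.bigint() - start) / 1e6;
  return { label, result, elapsedMs, slow: elapsedMs > budgetMs };
}

// Constructed webhook payload: one normal mention and one hostile mention
// whose display name is a nested-quantifier pattern.
const samplePayload = {
  message: {
    content: "@claw-bot deploy the staging branch",
    mentions: [
      { name: "claw-bot", key: "@_user_1" },
      { name: "(a+)+$", key: "@_user_2" },
    ],
  },
};

console.log(JSON.stringify(screenPayload(samplePayload)));
console.log(JSON.stringify(timed("strip-mentions", () => "ok", 50)));
```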
Monitoring Recommendations
- Set up alerting for Node.js event loop delays exceeding normal thresholds
- Monitor the extensions/feishu/src/bot.ts module for error conditions
- Track message processing latency metrics to identify potential ReDoS attacks
- Implement rate limiting on incoming Feishu webhook endpoints
How to Mitigate CVE-2026-22178
Immediate Actions Required
- Upgrade OpenClaw to version 2026.2.19 or later immediately
- Review Feishu integration configurations for any signs of exploitation
- Implement input validation on Feishu mention metadata at the application boundary
- Consider temporarily disabling Feishu bot mention processing if immediate upgrade is not possible
Patch Information
The OpenClaw team has released security patches addressing this vulnerability. The fix introduces an escapeRegExp function that properly escapes all regex metacharacters before constructing RegExp objects from user input. For detailed patch information, see the GitHub Security Advisory and the GitHub Commit Fix.
Workarounds
- Implement a proxy layer that sanitizes Feishu mention metadata before reaching OpenClaw
- Run mention patterns on a linear-time engine such as re2 for Node.js, or statically reject unsafe patterns with safe-regex, since the built-in backtracking engine has no execution timeout
- Deploy a Web Application Firewall (WAF) rule to filter messages containing suspicious regex metacharacters
- Temporarily disable the bot mention stripping functionality if not critical to operations
# Configuration example
# Upgrade OpenClaw to the patched version (npm install, not npm update, accepts a pinned version)
npm install openclaw@2026.2.19
# Alternatively, apply the specific security commit
cd /path/to/openclaw
git fetch origin
git cherry-pick 7e67ab75cc2f0e93569d12fecd1411c2961fcc8c
npm run build
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.