CVE-2026-35617 — OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Google Chat group policy enforcement that relies on mutable space display names. Attackers can rebind group policies by chan — CVE Database · The Intelligence Room