GHSA-39pp-xp36-q6mg: OpenClaw has Inconsistent Host Exec Environment Override Sanitization

March 26, 2026

Gateway host exec env override handling did not consistently apply the shared host environment policy, so blocked or malformed override keys could slip through inconsistent sanitization paths.

References

github.com/advisories/GHSA-39pp-xp36-q6mg
github.com/openclaw/openclaw
github.com/openclaw/openclaw/security/advisories/GHSA-39pp-xp36-q6mg

Code Behaviors & Features

Detect and mitigate GHSA-39pp-xp36-q6mg with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →