GHSA-5h3g-6xhh-rg6p: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes

May 4, 2026

OpenShell FS bridge reads pin and verify the opened file before returning bytes

References

github.com/advisories/GHSA-5h3g-6xhh-rg6p
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/95119017c847c737bd113f0bff728c4666d79c45
github.com/openclaw/openclaw/security/advisories/GHSA-5h3g-6xhh-rg6p

Code Behaviors & Features

Detect and mitigate GHSA-5h3g-6xhh-rg6p with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →