GHSA-846p-hgpv-vphc: OpenClaw: QQ Bot structured payloads could read arbitrary local files
Before OpenClaw 2026.4.2, QQ Bot structured media payloads could read local files from attacker-chosen paths. A crafted structured payload could escape QQ Bot-owned media roots and cause arbitrary file reads on the host.