GHSA-g374-mggx-p6xc: OpenClaw: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode

April 3, 2026

Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode

References

github.com/advisories/GHSA-g374-mggx-p6xc
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/8b88b927cb0747ad24d95b07d35682bf85dc5b0e
github.com/openclaw/openclaw/releases/tag/v2026.3.31
github.com/openclaw/openclaw/security/advisories/GHSA-g374-mggx-p6xc

Code Behaviors & Features

Detect and mitigate GHSA-g374-mggx-p6xc with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →