GHSA-h4jx-hjr3-fhgc: OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`

March 29, 2026

Gateway Plugin Subagent Fallback deleteSession Uses Synthetic operator.admin

References

github.com/advisories/GHSA-h4jx-hjr3-fhgc
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/b5d785f1a59a56c3471f2cef328f7c9a6c15f3e7
github.com/openclaw/openclaw/security/advisories/GHSA-h4jx-hjr3-fhgc

Code Behaviors & Features

Detect and mitigate GHSA-h4jx-hjr3-fhgc with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →