GHSA-jf25-7968-h2h5: OpenClaw: screen_record outPath bypassed workspace-only filesystem guard

April 17, 2026

screen_record outPath bypassed workspace-only filesystem guard.

References

github.com/advisories/GHSA-jf25-7968-h2h5
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/635bb35b68d8faa5bfa2fda35feadd315122748a
github.com/openclaw/openclaw/pull/63551
github.com/openclaw/openclaw/security/advisories/GHSA-jf25-7968-h2h5

Code Behaviors & Features

Detect and mitigate GHSA-jf25-7968-h2h5 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →