GHSA-jhpv-5j76-m56h: OpenClaw: Sender policy bypass in host media attachment reads allows unauthorized local file disclosure

April 17, 2026

OpenClaw’s outbound host-media attachment read helper could enable host-local file reads based on global or agent-level read access without also honoring sender and group-scoped tool policy. In channel deployments that used toolsBySender or group policy to deny read for less-trusted senders, a denied sender could still trigger host-media attachment loading and cause readable local files to be returned through the outbound media path.

References

github.com/advisories/GHSA-jhpv-5j76-m56h
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/c949af9fabf3873b5b7c484090cb5f5ab6049a98
github.com/openclaw/openclaw/pull/64459
github.com/openclaw/openclaw/security/advisories/GHSA-jhpv-5j76-m56h

Code Behaviors & Features

Detect and mitigate GHSA-jhpv-5j76-m56h with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →