GHSA-wj55-88gf-x564: OpenClaw may have stale policy enforcement for queued node actions

March 26, 2026

Queued node actions were not revalidated against current command policy when later delivered, so stale allowlists or declarations could survive policy tightening.

References

github.com/advisories/GHSA-wj55-88gf-x564
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/ec2c6d83b9f5f91d6d9094842e0f19b88e63e3e2
github.com/openclaw/openclaw/security/advisories/GHSA-wj55-88gf-x564

Code Behaviors & Features

Detect and mitigate GHSA-wj55-88gf-x564 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →