GHSA-wmgj-hrx3-23gj: Duplicate Advisory: OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity

March 29, 2026 (updated April 6, 2026)

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-xf99-j42q-5w5p. This link is maintained to preserve external references.

Original Description

OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local code by modifying scripts between approval and execution when exact file binding cannot occur. Remote attackers can change approved local scripts before execution to achieve unintended code execution as the OpenClaw runtime user.

References

github.com/advisories/GHSA-wmgj-hrx3-23gj
github.com/openclaw/openclaw/security/advisories/GHSA-xf99-j42q-5w5p
nvd.nist.gov/vuln/detail/CVE-2026-32979
www.vulncheck.com/advisories/openclaw-unbound-interpreter-and-runtime-commands-bypass-in-node-host-approval

Code Behaviors & Features

Detect and mitigate GHSA-wmgj-hrx3-23gj with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →