GHSA-2ch6-x3g4-7759: OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From

March 3, 2026

commands.allowFrom is documented as a sender authorization allowlist for commands/directives, but command authorization could include ctx.From (conversation identity) as a sender candidate.

When commands.allowFrom contained conversation-like identifiers (for example Discord channel:<id> or WhatsApp group JIDs), command/directive authorization could be granted to participants in that conversation instead of only the intended sender identity.

References

github.com/advisories/GHSA-2ch6-x3g4-7759
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/08e2aa44e78a9c946d97bea62304e6f533b8fa8e
github.com/openclaw/openclaw/security/advisories/GHSA-2ch6-x3g4-7759

Code Behaviors & Features

Detect and mitigate GHSA-2ch6-x3g4-7759 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →