GHSA-5gj7-jf77-q2q2: OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`)
In openclaw <= 2026.2.23, safe-bin trust in allowlist mode relied on static default trusted directories that included package-manager paths (notably /opt/homebrew/bin and /usr/local/bin).
When a same-name binary (for example jq) is placed in one of those trusted default directories, safe-bin evaluation can be satisfied by that file, and the attacker-controlled binary is executed instead of the intended one.
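The weakness described above is trusting a binary because of the directory it sits in, without asking who can write to that directory. The following is an added example (not OpenClaw's code, and not the project's fix) of the kind of check a safe-bin resolver can apply instead: each candidate, and the directory it is looked up in, must be owned by a trusted uid and must not be group- or world-writable, with symlinks resolved so a package-manager shim is checked at its real target. The function names `resolve_safe_bin` and `build_demo_layout` are assumptions for this illustration, and `build_demo_layout` creates a constructed throwaway directory tree rather than inspecting a real install. A production check would also walk every ancestor directory, since a writable parent lets the whole subtree be replaced.

```python
import os
import stat
import tempfile

# Permission bits that let a non-owner create or replace entries in a directory.
_OTHER_WRITE = stat.S_IWGRP | stat.S_IWOTH


def _check_location(path, trusted_owner_uids):
    """Return the reasons why `path` (file or directory) is not trustworthy.

    A location passes only if it is owned by one of `trusted_owner_uids` and is
    not writable by group or world. An empty list means it passed.
    """
    st = os.stat(path)
    reasons = []
    if st.st_uid not in trusted_owner_uids:
        reasons.append(f"{path}: owned by uid {st.st_uid}, not a trusted owner")
    if st.st_mode & _OTHER_WRITE:
        reasons.append(f"{path}: group/world writable (mode {stat.S_IMODE(st.st_mode):04o})")
    return reasons


def resolve_safe_bin(name, trusted_dirs, trusted_owner_uids=frozenset({0})):
    """Look up `name` in `trusted_dirs` and return (resolved_path, reasons).

    Directory membership alone is not enough: the lookup directory, the real
    (symlink-resolved) file and the real file's directory must all be owned by
    a trusted uid and not be group/world writable, and the file must be
    executable. Returns (None, reasons) when no candidate passes; `reasons`
    lists why each rejected candidate failed.
    """
    all_reasons = []
    for directory in trusted_dirs:
        candidate = os.path.join(directory, name)
        if not os.path.isfile(candidate):
            continue
        real = os.path.realpath(candidate)
        real_dir = os.path.dirname(real)
        # A writable lookup directory is itself enough to plant a shadowing file
        # or symlink, so it is checked even when the real target lives elsewhere.
        reasons = _check_location(directory, trusted_owner_uids)
        if real_dir != os.path.realpath(directory):
            reasons += _check_location(real_dir, trusted_owner_uids)
        reasons += _check_location(real, trusted_owner_uids)
        if not os.stat(real).st_mode & 0o111:
            reasons.append(f"{real}: not executable")
        if not reasons:
            return real, all_reasons
        all_reasons += reasons
    return None, all_reasons


def build_demo_layout():
    """Create a constructed, throwaway layout for demonstration only.

    Produces one locked-down bin directory (0755) and one group/world-writable
    bin directory (0777), each holding a placeholder script named `jq`.
    Returns (good_dir, bad_dir, owner_uid) so callers can treat the current
    user as the trusted owner of the demo tree.
    """
    base = os.path.realpath(tempfile.mkdtemp(prefix="safebin-demo-"))
    good = os.path.join(base, "locked", "bin")
    bad = os.path.join(base, "writable", "bin")
    for directory, mode in ((good, 0o755), (bad, 0o777)):
        os.makedirs(directory)
        os.chmod(directory, mode)
        script = os.path.join(directory, "jq")
        with open(script, "w") as fh:
            fh.write("#!/bin/sh\necho 'constructed placeholder, not the real jq'\n")
        os.chmod(script, 0o755)
    return good, bad, os.getuid()


if __name__ == "__main__":
    good, bad, uid = build_demo_layout()
    # Order mirrors a static default list that puts a package-manager path first.
    chosen, rejected = resolve_safe_bin("jq", [bad, good], {uid})
    print("selected:", chosen)
    for reason in rejected:
        print("rejected:", reason)
```

Running the block selects the `jq` from the locked-down directory and reports why the copy in the writable directory was rejected; with only the writable directory on the list, nothing is selected at all, which is the fail-closed behaviour a static allowlist does not give you.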