GHSA-9q36-67vc-rrwg: OpenClaw: Sandboxed /acp spawn requests could initialize host ACP sessions
Sandboxed requester sessions could reach host-side ACP session initialization through /acp spawn.
OpenClaw already blocked sessions_spawn({ runtime: "acp" }) from sandboxed sessions, but the slash-command path initialized ACP directly without applying the same host-runtime guard first.
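The missing-guard pattern described above, modeled as an added TypeScript example; it is not OpenClaw's code. All function and type names are hypothetical except `/acp spawn`, `sessions_spawn` and the `acp` runtime value, which come from the advisory, and the corrected form shown is an assumed way to share the guard, not the project's patch.

```typescript
// Constructed model of the advisory's bug class; not OpenClaw source.
// All names are hypothetical except "/acp spawn" and the "acp" runtime.
type SpawnRuntime = "acp" | "subagent";
interface RequesterSession { id: string; sandboxed: boolean }

const hostAcpSessions: string[] = []; // stands in for host-side ACP state

// Raw initializer: performs no policy check of its own.
function initHostAcp(req: RequesterSession): string {
  hostAcpSessions.push(req.id);
  return `acp:${req.id}`;
}

// Host-runtime guard: sandboxed requesters may not start host ACP sessions.
function spawnAcpGuarded(req: RequesterSession): string {
  if (req.sandboxed) {
    throw new Error(`sandboxed session ${req.id} may not initialize host ACP`);
  }
  return initHostAcp(req);
}

// Tool-call path, modeling sessions_spawn({ runtime: "acp" }): guarded.
function sessionsSpawn(req: RequesterSession, opts: { runtime: SpawnRuntime }): string {
  return opts.runtime === "acp" ? spawnAcpGuarded(req) : `${opts.runtime}:${req.id}`;
}

function isAcpSpawn(line: string): boolean {
  const parts = line.trim().split(/\s+/);
  return parts[0] === "/acp" && parts[1] === "spawn";
}

// Slash-command path as the advisory describes it before the fix:
// it reaches the raw initializer directly, so the guard never runs.
function slashCommandBeforeFix(req: RequesterSession, line: string): string {
  if (!isAcpSpawn(line)) throw new Error(`unsupported command: ${line}`);
  return initHostAcp(req);
}

// Assumed corrected shape: the slash command uses the same guarded function.
function slashCommandAfterFix(req: RequesterSession, line: string): string {
  if (!isAcpSpawn(line)) throw new Error(`unsupported command: ${line}`);
  return spawnAcpGuarded(req);
}

// True when the call was rejected.
function isDenied(call: () => string): boolean {
  try { call(); return false; } catch { return true; }
}
```

A regression test for this class of bug should exercise every entry point that can reach the initializer with a sandboxed requester, not only the one that was originally guarded.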