GHSA-cjv3-m589-v3rx: OpenClaw has Canvas route hardening for mixed-trust deployments

March 3, 2026

This advisory tracks a defense-in-depth hardening for canvas routes. In mixed-trust or network-visible deployments, prior canvas auth/fallback behavior could broaden access beyond intended boundaries.

References

github.com/advisories/GHSA-cjv3-m589-v3rx
github.com/openclaw/openclaw
github.com/openclaw/openclaw/commit/08a7967936cfc0b2af6b27ec1f9272542648ad6c
github.com/openclaw/openclaw/commit/c45f3c5b004c8d63dc0e282e2176f8c9355d24f1
github.com/openclaw/openclaw/security/advisories/GHSA-cjv3-m589-v3rx

Code Behaviors & Features

Detect and mitigate GHSA-cjv3-m589-v3rx with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →