GHSA-g27f-9qjv-22pm: OpenClaw log poisoning (indirect prompt injection) via WebSocket headers
In openclaw versions prior to 2026.2.13, OpenClaw logged certain WebSocket request headers (including Origin and User-Agent) without neutralization or length limits on the “closed before connect” path.
If an unauthenticated client can reach the gateway and send crafted header values, those values may be written into core logs. Under workflows where logs are later read or interpreted by an LLM (for example via AI-assisted debugging), this can increase the risk of indirect prompt injection (log poisoning).
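The fix class the advisory describes is to neutralize and length-cap client-controlled header values before they reach a log line. The following is an added example and is not OpenClaw's code or the patch in the referenced commit: the function names, the 256-character cap, the log message format and the sample headers are all assumptions constructed for illustration. It escapes C0/C1 control characters (so a CR/LF in a header cannot start a fresh, authentic-looking log line), escapes quotes and backslashes so field boundaries stay unambiguous, truncates long values and marks the truncation, then builds the "closed before connect" line from the sanitized fields.

```javascript
// Added example (not OpenClaw's own code): neutralize untrusted WebSocket
// header values before logging them, as a mitigation for the class of issue
// described in GHSA-g27f-9qjv-22pm (log poisoning via unsanitized headers).

const MAX_LOGGED_HEADER_LEN = 256; // assumed cap, not the project's value

// Quote and escape a client-controlled value so that it cannot inject a new
// log line, cannot break out of its field, and cannot flood the log.
// Truncation happens before escaping, so the escaped text may be slightly
// longer than maxLen but is still bounded.
function sanitizeForLog(value, maxLen = MAX_LOGGED_HEADER_LEN) {
  if (value === undefined || value === null) return "-";
  let s = String(value);
  let truncated = false;
  if (s.length > maxLen) {
    s = s.slice(0, maxLen);
    truncated = true;
  }
  s = s.replace(/\\/g, "\\\\"); // escape backslashes first
  s = s.replace(/"/g, '\\"'); // then quotes, so the field delimiter is unambiguous
  // C0 and C1 control characters (CR, LF, ESC, ...) become visible \xNN escapes.
  // eslint-disable-next-line no-control-regex
  s = s.replace(/[\u0000-\u001f\u007f-\u009f]/g, (ch) => {
    const code = ch.charCodeAt(0).toString(16).padStart(2, "0");
    return `\\x${code}`;
  });
  return `"${s}"${truncated ? "...(truncated)" : ""}`;
}

// Build the log line for a socket that closed before the connect handshake
// completed, with every client-controlled field neutralized.
// The message format is an assumption for this example.
function formatClosedBeforeConnect(headers) {
  const origin = sanitizeForLog(headers["origin"]);
  const ua = sanitizeForLog(headers["user-agent"]);
  return `ws closed before connect origin=${origin} ua=${ua}`;
}

// Constructed sample input: an Origin header carrying CR/LF followed by text
// meant to look like a separate log entry, and an oversized User-Agent.
const sampleHeaders = {
  origin: "https://example.test\r\nconstructed injected line",
  "user-agent": "x".repeat(5000),
};

// Stand-alone run: the printed line stays on one row and is bounded in length.
console.log(formatClosedBeforeConnect(sampleHeaders));
```

When wiring something like this into a logger, apply it to every field that originates from the client, not only Origin and User-Agent; any header a log statement interpolates is a candidate for the same treatment.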
References
- github.com/advisories/GHSA-g27f-9qjv-22pm
- github.com/openclaw/openclaw
- github.com/openclaw/openclaw/commit/d637a263505448bf4505b85535babbfaacedbaac
- github.com/openclaw/openclaw/pull/15592
- github.com/openclaw/openclaw/releases/tag/v2026.2.13
- github.com/openclaw/openclaw/security/advisories/GHSA-g27f-9qjv-22pm