GHSA-g55j-c2v4-pjcg: OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply

February 4, 2026

An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user.

References

github.com/advisories/GHSA-g55j-c2v4-pjcg
github.com/openclaw/openclaw
github.com/openclaw/openclaw/security/advisories/GHSA-g55j-c2v4-pjcg

Code Behaviors & Features

Detect and mitigate GHSA-g55j-c2v4-pjcg with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →